WordPress Sites Targeted by Malware and Backdoors, Thousands Compromised
Originally Published 2 years ago — by The Hacker News
Researchers have discovered a sophisticated strain of malware that disguises itself as a WordPress caching plugin, allowing it to create administrator accounts and gain remote control over compromised websites. The malware includes various functions such as pinging to check if it is still operational, file modification capabilities, and the ability to activate and deactivate plugins remotely. It can also create rogue admin accounts and alter posts and page content, injecting spam links or buttons. The malware aims to monetize victim sites while compromising SEO rankings and user privacy. The exact scale of the attacks and the initial intrusion vector are currently unknown.