Follow us on social

Latest Posts

Stay in Touch With Us

For Advertising, media partnerships, sponsorship, associations, and alliances, please connect to us below

Email
info@globaltechoutlook.com

Phone
+91 40 230 552 15

Address
540/6, 3rd Floor, Geetanjali Towers,
KPHB-6, Hyderabad 500072

Follow us on social

Globaltechoutlook

  /  cybersecurity   /  Website Owners Beware! Hackers are Now Targetting Your WordPress Tools for Scams
WordPress

Website Owners Beware! Hackers are Now Targetting Your WordPress Tools for Scams

A massive hacking campaign compromised thousands of WordPress websites and injected malicious scripts into them.

WordPress is a content management system that allows you to host and build websites. So, WordPress tools contain plugin architecture and template systems, so that you can customize any website to fit your business, blog, portfolio, or online store. Hackers are targeting multiple vulnerabilities in these plugins and themes to compromise websites and inject malicious scripts into them. Cybersecurity researchers at Sucuri, a security provider owned by GoDaddy, sounded the alarm on the hacking campaign, which redirected site visitors to scams. In this cyberattack, malicious JavaScript codes are being injected into several WordPress websites.

 

Cyberattacks on WordPress

These cyberattacks are related to themes and plugins built by thousands of third-party developers using the open-source WordPress software, and not WordPress.com. All of these websites share a common issue as they are facing malicious JavaScript codes hidden in their files and databases. Experts have no idea how many websites have been infected by hackers until now, but reports estimate that the cyberattack campaign was responsible for nearly 6,000 infected websites alone.

The Sucuri researcher’s team explained that JavaScript makers divert that leads users to a range of poisoned apples, including phishing pages and malware. To top it all off, guests probably won’t actually see they’re going down the web’s form of a dull and risky rear entryway, as the redirect landing page looks fairly innocent. Any plugin or theme hosted on WordPress.org, the website for the software, is regularly scanned for vulnerabilities.

The researchers’ team has seen a convergence in grievances about this particular wave. As per their report, the massive campaign targeting WordPress sites beginning May 9th, 2022, has influenced many sites now, at the time of writing. It has also been found that cyberattackers are targeting multiple vulnerabilities in WordPress plugins and themes to compromise the website and inject their malicious scripts. And the hackers will continue registering new domains for this ongoing campaign as soon as existing ones become blacklisted.