Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Several WordPress sites hit again with more attacks

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

February 22, 2016

It's reported today that several WordPress sites have been attacked yet one more time. Wordpress' scripts simply appear to be vulnerable to all kinds of attacks and this one isn't different from the others it would seem.

The Internet Storm Center (ISC) has spotted so-called 'admedia hacker attacks' breaking out of their original WordPress vectors. And there's been more than one report so far.

According to a blog post late last week, the ISC says that “the group behind the WordPress 'admedia' campaign is now attacking Joomla-hosted sites.”

The other evolution in the campaign is that since it was first noticed at the beginning of this month mostly dropping the Nuclear exploit kit on target sites, it's now added Angler, making matters a lot worse.

ISC's Duncan, who is also a security researcher at Rackspace, also notes that the attackers have started using “megaadvertize” in their gateway URLs (instead of “admedia” as was used when the attack was first spotted).

But the technique stays the same-- the target site is compromised to generate hidden iFrames in visitors' browsers, and the malicious URLs act as a “gateway between the compromised Website and the exploit kit hosted on the WordPress server”.

As has happened several times in the past, a script injection was the initial attack, with the JavaScript files from the compromised site carrying appended malicious scripts.

From there it's a short walk to ransomware hell. WordPress is a favorite platform for hackers since so many sites use it as a blogging tool, and that greatly increases the chances of being hacked into.

Security threat researcher Denis Sinegubko says that a huge advertising scam campaign recently affected thousands of users visiting WordPress sites. He says the scam injected several backdoors and constantly re-infected websites all over again.

Source: The Internet Storm Center.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer