OMG! More Than 2000 WordPress Websites Infected With A Keylogger

OMG! More Than 2000 WordPress Websites Infected With A Keylogger

OMG! More Than 2000 WordPress Websites Infected With A Keylogger

The rise of cryptocurrencies has caused that one of the most common forms of malware during the last weeks is the mining software. There are different methods of attack, but the intention of the attackers is to inject code into high traffic web pages.

This injected code is used to mine cryptocurrencies using the power of the visitors’ CPU. And in the case that concerns us, in addition to the ‘mining’, a keylogger has also been introduced.

A huge amount of web pages around the world uses the CMS – or content manager – WordPress. This platform is focused for the attack that occupies us, which consist the injection of malicious code that acts as a cryptocurrency and keylogger mining system.

According to computer security experts who have found the problem on more than 2,000 websites have been affected by this malware; which uses the CPU of the visitors, and also records the pulsations that they carry out on their keyboard.

Mining malware continues to spread to more web pages

WordPress is constantly launching new updates to its content manager for ‘hosted auto’ websites. And these updates are those that prevent and avoid attacks like the one that concerns us. However, not all portals that use WordPress as CMS update as soon as a new version arrives, and there are many vulnerabilities that are found in the CMS.

The problem with this campaign is that it can steal login data not only from visitors but also from administrator accounts. Therefore, full access to the portal could be stolen easily.

On the one hand, there is the problem of the mining code; it harms the visitors, exclusively, using its CPU for the cryptocurrency mining. And on the other hand, there is the keylogger, which serves to steal passwords and user accounts to administrators and visitors.

It is relatively easy to get rid of the ‘malware’ they have discovered, but the essential thing, in this case, is to act quickly and, of course, prevent the attack by updating the platform to the latest available version.

So, what do you think about this severe malware? Simply share all your thoughts and opinion in the comment section below.

Add Comment