Almost 30,000 websites have been hit by a mass injection attack, most of which are based on the WordPress content management system, Websense has found.
Over 200,000 webpages have been compromised by a small slice of code, which has been placed at the bottom of pages.
Visitors to infected pages have been redirected to fake antivirus sites, as cyber criminals look to dupe people into downloading Trojans onto their system by claiming their systems are already infected with lots of nasty malware.
After this access is maintained to the compromised website, the injected code keeps getting updated periodically.
The majority of the infected sites (85 per cent) are based in the US. Of those checked by Websense, nearly five per cent of visitors to infected sites were from the UK.
"The injected websites in this campaign have many different versions of WordPress CMS installed. Usually in this type of mass injections; vulnerabilities or security holes in certain versions and their accompanied infrastructure are abused to get initial access to those websites," a Websense spokesperson told IT Pro.
"Therefore after this access is maintained to the compromised website, the injected code keeps getting updated periodically i.e. in every new cycle of the mass injection.
"What is for sure is that because WordPress is so widely used all over the world, every version of it is studied and exploited by hackers. These rogue AV scams keep re-emerging and adapting to avoid detection."
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
-
Pearson fined $1 million for downplaying severity of 2018 breachNews The SEC found the London-based firm made “misleading statements and omissions” about the intrusion
