Search This Blog
Popular Posts
-
Elegant Themes has been developing WordPress themes for a long time. It has developed lots of popular themes including Divi, Nexus, Fa...
-
Terri Seymour Terri Seymour has almost 20 years of internet marketing experience and has helped many people start their own business. ...
-
Flickr/Laura D'Alessandro See Also I took Harvard Business School's new pre-MBA course online — and it is definitely w...
-
Hello there! My blog post 'Spikes' was published on Sept. 22nd; however, the post before it called 'Flow' was published on...
-
I seem to receive about three emails a day asking me for advice on how to become a blogger. I try to respond to every email, how...
-
Hi there! There isn't a true e-commerce solution here at WordPress.com. You can, however get a PayPal button. If you get a PayPal bu...
-
re: iamcharlieg.com There are no monthly payment plans. We are billed annually and have to pay in full at the time of upgrading. re: p...
-
To click or not to click, that is the question. It is both interesting and frightening how such a simple decision can, in a high enoug...
-
The popular platform for building and running websites fixed two XSS-scripting vulnerabilities and a potential privilege escalation ex...
-
At the ripe young age of 32, back in 2009, Uber CEO Travis Kalanick apparently launched a Wordpress blog called Swooshing, and for some ...
Blog Archive
- December (18)
- November (29)
- October (27)
- September (29)
- August (31)
- July (30)
- June (29)
- May (29)
- April (30)
- March (31)
- February (28)
- January (31)
- December (31)
- November (30)
- October (31)
- September (30)
- August (43)
- July (42)
- June (33)
- May (43)
- April (36)
- March (37)
- February (31)
- January (4)
- December (1)
- November (1)
- October (24)
- September (24)
- August (25)
- July (28)
- June (18)
- September (1)
Total Pageviews
Blogroll
Realstatistics campaign targets WordPress, Joomla! sites
Securi researchers spotted a malware campaign dubbed Realstatistics infecting thousands of websites built on Joomla! and WordPress content management systems (CMS).
The campaign is named after of the domain used by the attackers, Securi Founder and CTO Daniel Cid said in a July 6 Sucri blog post.
Once infected, the malware redirects victims to the Neutrino Exploit kit which attempts to exploit the user's browser, using either browser-specific or Flash and PDF reader vulnerabilities, to unload the CryptXXX ransomware.
Researchers have seen an influx of new compromised sites every day over the last two weeks.
Using limited resources, researchers were able to detect 2,000 sites that have been infected over the last two weeks however, researchers assume the real number of infected sites is at least 10,000, according to the post.
Researchers said 60 percent of the affected websites are running outdated Joomla and WordPress software and that 90 percent of sites are on a CMS that researchers were able to fingerprint.
"From this data I would say that the attacker is likely targeting a common vulnerabilities across either platform, and the updated instances are likely residual affects of being in the same environment," Cid said.
On July 3, Google started blacklisting sites with the realstatistics[.]pro code but by then bad guys had managed to infect a security site.
Cid said The PCI Policy Portal has been infected for days and has since been blacklisted by both Google and Norton.
Researchers recommend that owners of at risk sites clean up their sites and patch anyu issues that might contribute to the attack vector.
Source: Realstatistics campaign targets WordPress, Joomla! sites
0 comments:
Post a Comment