Bad news for those who use Wordpress for their business or personal websites. According to security firm Sucuri, a not-so-inconsiderable number Wordpress installations affected by a new "visitorTracker_isMob" piece of malware in the past two weeks. Visitors who try to go to these sites are redirected to a new page that their system probes for all kinds of weaknesses. If found there, said the system is compromised, and it only gets worse from there.
"This malware campaign is interesting, the ultimate goal is to use as many malicious sites as possible to redirect all their visitors to a nuclear Exploit Kit landing page. The landing pages will seek a wide range of available browser exploits to infect the computers of unsuspecting visitors' reads Sucuri's blog post.
"If you think about it, the compromised websites are only means the criminals to gain access to as many end desktops as they can. What is the easiest way to reach out to endpoints? Websites, of course."
The best things you can do to protect yourself against this type of attack to make sure that your system is updated. This also applies to the installation of the latest updates OS that Microsoft or Apple offers, as well as any updates to other critical software related to your web browsing such as Java (which you have just downright off) and Adobe Flash (which you do not need 't use anyway). Make sure you use antivirus and anti-malware apps on a regular basis, too.
According to Sucuri, about 95 percent of infected websites it detects all running WordPress. This put about 17 percent or so already in Google's blacklists (and other malware blacklists).
As for Wordpress administrators, Sucuri has some tips for protecting your own sites at the Visitor Tracker malware.
"If you're a WordPress user, make sure all your plugins updated, including premium ones. I also recommend checking your site via our free Security / Malware Scanner (Site Check) to check if you currently affected by this campaign. If you are an administrator and have access to your server, you can use the following command (grep) to search for the infection to your files, "reads the company blog post.
"This malware campaign is interesting, the ultimate goal is to use as many malicious sites as possible to redirect all their visitors to a nuclear Exploit Kit landing page. The landing pages will seek a wide range of available browser exploits to infect the computers of unsuspecting visitors' reads Sucuri's blog post.
"If you think about it, the compromised websites are only means the criminals to gain access to as many end desktops as they can. What is the easiest way to reach out to endpoints? Websites, of course."
The best things you can do to protect yourself against this type of attack to make sure that your system is updated. This also applies to the installation of the latest updates OS that Microsoft or Apple offers, as well as any updates to other critical software related to your web browsing such as Java (which you have just downright off) and Adobe Flash (which you do not need 't use anyway). Make sure you use antivirus and anti-malware apps on a regular basis, too.
According to Sucuri, about 95 percent of infected websites it detects all running WordPress. This put about 17 percent or so already in Google's blacklists (and other malware blacklists).
As for Wordpress administrators, Sucuri has some tips for protecting your own sites at the Visitor Tracker malware.
"If you're a WordPress user, make sure all your plugins updated, including premium ones. I also recommend checking your site via our free Security / Malware Scanner (Site Check) to check if you currently affected by this campaign. If you are an administrator and have access to your server, you can use the following command (grep) to search for the infection to your files, "reads the company blog post.
EmoticonEmoticon