Monday, November 30, 2015

WordPress sites once again being compromised

November 30, 2015

Several WordPress-based websites, including the Reader's Digest site, have been on the receiving end of a another hacking campaign, this one injecting the sites with malware that has uses Angler exploit kit upload various trojans.

Malwarebytes is reporting an increase in the number of compromised WordPress sites with the Reader's Digest, www.rd.com, being one of the most high-profile victims. In the latest cases the malicious script is uploaded through a compromised web page that redirects visitors to a URL that then uploads the Angler EK. Malwarebytes said during the course of its investigation it witnessed the Angler EK delivering the Bedep trojan which, in turn, loaded the Necurs backdoor trojan onto the visitor's computer. 

Malwarebytes did note that the payload being delivered varied from site to site and even day to day.

The Angler EK exploits up to Flash Player version 19.0.0.207,which was patched by Adobe on October 16.

This is the second time in a week that sites using WordPress were in the news playing the role of victim in an attack. Those incidents reported last week targeted the U.K. newspaper The Independent.

Reader's Digest, which is part of the Trusted Media Brands portfolio, was notified of the problem by Malwarebytes, but the company said the publisher has not taken any action and that www.rd.com is still delivering malware.

Reader's Digest has also not yet replied to an inquiry by SCMagazine.com on the issue.


Source: WordPress sites once again being compromised

No comments:

Post a Comment