Thousands of WordPress Sites Hacked to Redirect Visitors to Scam Sites
After a recent investigation, security researchers found that countless WordPress sites have fallen victim to a hacking campaign.
The widespread campaign is responsible for injecting malicious JavaScript code into thousands of compromised WordPress websites over the past few months. The hacked JavaScript code on these websites sends visitors through a series of website redirects to serve them unwanted ads.
The security attack was discovered and reported by Sucuri, a GoDaddy owned security provider. Their research revealed that the months-long hacking campaign has been targeting security holes in WordPress themes and plugins.
The discovery of the campaign was following an enormous complaint of unwanted website redirects.
The injected JavaScript creates redirects that leads website visitors to phishing pages, malware and other malicious sites. To the average eye, the landing page of the redirected website could look innocent, so users may not even realize they’ve stumbled upon a hacked website.
In some cases, unsuspecting website visitors will receive unwanted ads and push notifications if they click on the fake CAPTCHA. Worst of all, these ads will look like they come from the operating system, not the browser. These push notifications are a tactic used by hackers to attack users with a common tech support scam. The notifications will appear as the system operator, claiming that the computer is running slow or infected. The notifications will then suggest that the user calls a number to fix the problem.
It’s important to note that the compromised websites are related to WordPress themes or plugins built by third-party developers with WordPress software, and not directly associated with WordPress.com.
The report published by Sucuri found that there are at least 322 WordPress plugins and themes that have fallen victim to the security attack. Sucuri also notes that the “actual number of impacted websites is likely much higher.”
In fact, 6000 websites have been reported as infected by this campaign in April alone.
This unfortunate security attack reminds us how important it is to make sure your website is safe and secure from hackers.