Skip to Main Content
Thousands of WordPress Sites Hacked

Thousands of WordPress Sites Hacked

20 June 2022

Thousands of WordPress Sites Hacked to Redirect Visitors to Scam Sites

After a recent investigation, security researchers found that countless WordPress sites have fallen victim to a hacking campaign.

The widespread campaign is responsible for injecting malicious JavaScript code into thousands of compromised WordPress websites over the past few months. The hacked JavaScript code on these websites sends visitors through a series of website redirects to serve them unwanted ads.

The security attack was discovered and reported by Sucuri, a GoDaddy owned security provider. Their research revealed that the months-long hacking campaign has been targeting security holes in WordPress themes and plugins.

The discovery of the campaign was following an enormous complaint of unwanted website redirects.

The injected JavaScript creates redirects that leads website visitors to phishing pages, malware and other malicious sites. To the average eye, the landing page of the redirected website could look innocent, so users may not even realize they’ve stumbled upon a hacked website.

In some cases, unsuspecting website visitors will receive unwanted ads and push notifications if they click on the fake CAPTCHA. Worst of all, these ads will look like they come from the operating system, not the browser. These push notifications are a tactic used by hackers to attack users with a common tech support scam. The notifications will appear as the system operator, claiming that the computer is running slow or infected. The notifications will then suggest that the user calls a number to fix the problem.

It’s important to note that the compromised websites are related to WordPress themes or plugins built by third-party developers with WordPress software, and not directly associated with WordPress.com.

The report published by Sucuri found that there are at least 322 WordPress plugins and themes that have fallen victim to the security attack. Sucuri also notes that the “actual number of impacted websites is likely much higher.”

In fact, 6000 websites have been reported as infected by this campaign in April alone.

This unfortunate security attack reminds us how important it is to make sure your website is safe and secure from hackers.

Custom web design and marketing solutions from our business to yours

Get a free quote.

Categories

Recent Posts

N.E.O. Urology

N.E.O. Urology

7/25/2022

We recently launched a new site for N.E.O. Urology!

Read More
Easy Ways to Add Content to your Website

Easy Ways to Add Content to your Website

7/22/2022

So how do you add content to your site? There are a few simple ways that you can start today.

Read More

View All Entries