Compromised WordPress websites delivering mysterious Ransomware

Blog, Hacking, Vulnerabilities, Wordpress Share this post

Some of the WordPress websites you are visiting might leave some crypto-ransomware on your machine. A recent report posted by the leading security firms state that a new mysterious hack campaign uses compromised WordPress websites and redirect users to a series of malicious websites hosting Nuclear Exploit Kit.wordpress-logo

“This past weekend we registered a spike in WordPress infections where hackers injected encrypted code at the end of all legitimate .js files”, says Sucuri.net.
This is not really a Malvertising campaign where machines are injected malware-laden advertisements in webpages. This hack campaign injects encrypts files on user’s machine and decryption key can be availed only after paying the demanded ransom to the hackers.

WordPress sites are injected with huge blurbs of rogue code that performs a silent redirection to domains appearing to be hosting ads. This is a distraction (and fraud) as the ad is stuffed with more code that sends visitors to the Nuclear Exploit Kit, says Malwarebytes.
As per the security firms, users using obsolete versions of Internet Explorer, Adobe Reader, Flash Player, and Microsoft Silverlight are highly prone to this attack.

For those who don’t know, Ransomware is a kind of malware where the victim is forced to pay a certain demanded amount of money to get complete access to their own system. Ransomware payment is done via electronic money transfer and is specifically designed to trick the user into paying the fine. A single click on a malicious link may infect your computer with ransomware and the worst thing is that it usually goes undetected by most anti-virus programs.

However, you can still prevent ransomware by using a good antivirus software and following certain basic precautions.

About the Author

Wordpress Developer, Security Consultant, Blogger. Works in Edmonton Alberta Canada.

Leave a Reply

Your email address will not be published. Required fields are marked *