“If you’ve visited a website in recent days and have been accidentally redirected to the same pages with schematic” resources “or unwanted ads, it’s likely that the site was 1) created using WordPress tools and 2) hacked,” he said. Gizmodo. Details are taken from this post in the blog of researchers Sucuri (security provider owned by GoDaddy):
As noted in our latest report on hacked websites, we are tracking a long-running campaign responsible for introducing malicious scripts to hacked WordPress websites. The company exploits known vulnerabilities in WordPress themes and plugins and has affected a huge number of websites over the year – for example, according to PublicWWW, the April wave of this campaign was the cause of only nearly 6,000 infected websites. Since these PublicWWW results show detection only for simple injection scenarios, we can assume that the volume is much larger.
At the time of writing, PublicWWW has reported 322 websites affected by this new wave … Given that this number does not include pervasive malware or sites that have not yet been scanned by PublicWWW, the actual number of websites affected is likely to be much higher. Our team has noticed an influx of complaints about this particular wave of mass campaigns targeting WordPress sites since May 9, 2022, which affected hundreds of websites at the time of writing …
We expect hackers to continue registering new domains for this permanent company as soon as existing ones are blacklisted.
“It’s important to note that these hacks are related to themes and plugins created by thousands of third-party developers using open source WordPress software, not WordPress.com, which offers hosting and tools for creating websites,” notes Gizmodo. But it also quotes this warning from Sucuri malware analyst Krassimir Konov:
“This page causes unsuspecting users to subscribe to push notifications from the malicious site. If they click on a fake CAPTCHA, they will be enabled to receive unwanted ads, even if the site is not open – and the ad will look as if it came from the operating system as well. not from the browser, ”Konov wrote.