Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Hackers use outdated versions of WordPress and plugins to change and install visitors to download and install and install visitors, and found security researchers.
The hacking campaign is still “lives a lot”, founder and CEO of the founder and General Director of the website of the website of the attacks Simon Wijckmans, TechCrunch reported in Tuesday.
The purpose of the hackers is to distribute a malicious program to steal passwords and other personal information from both Windows and MAC users. Some of the hacked websites are among the C / Side, the most popular sites on the Internet.
“This is a widespread and multi-commercial attack” Himanshu Anand, Written Himanshu Anand The company’s findingsHe told Techcrunch. Anand said that the campaign is a “spray and payment” attack, which is aimed at compromising anyone who visits such websites, rather than a certain person or group of campaigns.
Hacked WordPress sites are loaded in the user’s browser, change the contents quickly to display the fake Chrome browser update page, change the image of the website and install an update to view the website and view the website. If the visitor adopts the update, the hacked website will offer the visitor to download a certain damaged file depending on the visitor whether the visitor is on Windows PC or Mac.
Wijckmans said that they developed the Hacking campaign, who developed WordPress and sends them a list of harmful domains and received their email in the company.
When it was obtained by Techcrunch before the publication, a spokesperson Megan Fox did not comment.
C / Side said that more than 10,000 websites appeared to be compromised as part of this hacking campaign. Wijckmans found a technique to find domains and web addresses, which revealed harmful scripts in several domains and searching for detection DNS in a few domains.
TechCrunch failed to confirm the accuracy of the C / Side’s figures, but we have seen a Hacked WordPress website yet a Hacked WordPress website displaying harmful content on Tuesday.
Infostealing malware from WordPress
Two types of harmful programs pushing to harmful sites are known as Amos (or Amos Atomer) targeting MacOS users; and Socgolish that targeting Windows users.
Cybersecurity firm in May 2023 Sentinelone published a report In Amos, it classifies the harmful program as one infostallerDeveloped to infect computers and many usernames and passwords, session cookies, crypters, crypters and other sensitive information allow other sensitive information that allow the victim’s accounts and steal digital currency. CyberSecurity firm still As soon as the hackers saw access to Amos harmful programs in the telegram.
Patrick Wardle, a MacOS Security Specialist and an Heaven Apple-focused CyberSecure Startup DoublehyouTechCrunch said that Amos was established in the “Macos, the most longest stealing” and the malware is created in the Hakers, which includes harmful programs and owners.
Wore also noted that the user still has to manage it to successfully install the malware in the malicious file found by the C / Side and passes many hoops to overcome the internal security of Apple. ”
Given that these hackers are trusting their goals to fall into the fake update page and install a malware, it may not be the most advanced hack campaign, and this is a good reminder to update your chrome browser Through the feature of internal software update and install reliable applications in your personal devices.
The abduction of malware and credentials was accused of theft for the biggest hacks and information violations in history. In 2024, hackers raided the accounts of corporate giants hosted by vulnerable information with a massive cloud By using the passwords stolen from their computers of Snowflake customers’ computers.
