WebSence has discovered a new massive Wordpress blog infection.

Yes, the more popular a software product becomes, the more there are people who, through the vulnerabilities they found in this software, benefit in any way. Who legally, reporting errors and receiving a reward, who is completely illegal. The company WebSence recently announced a new wave of blogging infecting it on the basis of CMS Wordpress, discovered by its experts. The wave is not so massive, but still, you should pay attention to this news.

In total, experts found about 30 thousand blogs based on the specified CMS. Blogs, as far as can be judged, are infected using automated software. Well, the purpose of the attackers - the spread of its program - a fake antivirus. In general, everything is quite normal. Interestingly, in this case, it’s not the webmasters themselves and their sites that suffer, but the visitors. The latest redirects (in three stages) on a site with fake antivirus products. On this site, the user is shown a message that his computer is infected. Well, then everything is on the thumb.
')
All infected blog pages had a code in the footer.



Distribution of false antivirus is not a new topic, but in this case it has become very popular, and the spread of malicious software is conducted by an unusual method. Interestingly, most of the blogs that were discovered by experts from WebSence are not related to each other. In addition, these blogs are located on different hosts, and have very different topics. The general thing in this case is that the sites worked on an outdated version of Wordpress. As a result, about 200 thousand pages were compromised (as mentioned above, these are 30 thousand resources).

Approximately 85% of hacked blogs are located in the United States, but this is more a coincidence than intentional work of intruders.

Via websense.com