Infostealer-Injecting Plugins infect Thousands of WordPress Sites

 

Hackers are using WordPress sites to install malicious plugins that propagate malware that steals information by displaying fake updates and errors.

Infostealing malware has become a global nuisance for security defenders in recent years, as compromised credentials are used to infiltrate networks and steal data. 

Since 2023, a malicious campaign known as ClearFake has been used to display bogus web browser update banners on compromised sites that spread data-stealing malware. 

A new campaign named ClickFix was launched in 2024; it is quite similar to ClearFake, but it poses as software error warnings with fixes included. These “fixes” are actually PowerShell scripts that, when executed, will download and install malware that steals data. 

This year has seen a rise in ClickFix attacks, in which threat actors hack websites to show banners displaying fake issues for Facebook, Google Meet conferences, Google Chrome, and even captcha pages. 
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: