The following distributed brute force attacks were carried out using compromised WordPress sites

The following distributed brute force attacks were carried out using

Hacked WordPress sites were used to facilitate distributed brute-force attacks against other sites via malicious JavaScript injections as part of an attack campaign that initially involved exploiting compromised WordPress sites to enable crypto-draining injections, The Hacker reported. News.

After securing a list of targeted WordPress sites and extracting the author's username, threat actors continue to inject malicious JavaScript code into compromised sites. Attacks are then launched when such sites are visited by unsuspecting users, enabling unauthorized access to the sites originally targeted, Sucuri's report found. “For each password in the list, the visitor's browser sends a wp.uploadFile XML-RPC API request to upload a file with the encrypted credentials that were used to authenticate this particular request. If authentication succeeds, a small text file with valid credentials is generated. in the WordPress downloads directory,” said Sucuri researcher Dennis Sinegubko. The development comes after it was reported that a new SocGholish malware campaign involves impersonating WordPress plugins.

READ  WordPress and Tumblr to Sign AI Learning Content Agreement

Leave a Reply

Your email address will not be published. Required fields are marked *