|

Linked – Mysterious spike in WordPress hacks silently delivers ransomware to visitors

ByMike McBride Reading Time: 1 minute

620861371_41bc79ff9e_m_wordpress

“It’s still not clear how, but a disproportionately large number of websites that run on the WordPress content management system are being hacked to deliver crypto ransomware and other malicious software to unwitting end users.

In the past four days, researchers from three separate security firms have reported that a large number of legitimate WordPress sites have been hacked to silently redirect visitors to a series of malicious sites. The attack sites host code from the Nuclear exploit kit that’s available for sale in black markets across the Internet. People who visit the WordPress sites using out-of-date versions of Adobe Flash Player, Adobe Reader, Microsoft Silverlight, or Internet Explorer can then find their computers infected with the Teslacrypt ransomware package, which encrypts user files and demands a hefty ransom for the decryption key needed to restore them.”

Keep an eye on your sites folks. It’s not clear how this is happening, but it might not hurt to check on the .js files in your WordPress install.

Mysterious spike in WordPress hacks silently delivers ransomware to visitors

Similar Posts

  • What I’m Sharing (weekly)

    ByMike McBride Reading Time: 1 minute

    The Implications of Working Without an Office

    The Explosion of Organizational Data is at a Tipping Point: Here’s How to Understand What You Have and Mitigate Risk

    This Big Law Firm Has Permanent Plans for Remote Working

    Zooming from video meetings to discovery requests about video meetings

    How To Enable Ransomware Protection Feature on Windows 10

    Coronavirus: The Expert’s Practical Guide to Job Searching During Self Containment

    Discovery from Microsoft Office 365

    Deloitte Takes Aim at U.S. Legal Services Market With Tech Unit

    – Not really a surprise, the Big 4 have been moving significantly into this area, and thanks to COVID layoffs, lots of in-house teams are doing with less, looking for options.

    10 Tips for Job Searching When You Also Have Depression

    Estonia is Building a “Robot Judge” to Help Clear Legal Backlog

    – Interesting, but dangerous if they can’t get the bias out of the #AI

    Beware of the Perils of Allowing Self-Collection

  • Cool

    ByMike McBride Reading Time: 1 minute

    Thanks to Cam World for pointing out this $399 computer from Walmart. When did Wally’s World start selling PC’s with no OS? That’s not a bad deal at all, seems like a pretty powerful machine, but no network card sort of sucks. That can be dealt with. I’ve never used a Microtel machine, anyone have…

  • Wake up calls

    ByMike McBride Reading Time: 2 minutes

    Hmm wasn’t it lovely of someone to call our house before 7AM today, and every 15 minutes thereafter, trying to send a fax through our voice line. Nothing like a good “fuck you” early on a Monday! Geek let me have a sneak peek at his subscriber-only article on the possible death of internet radio….

  • | |

    Planning Ahead for a Presentation to RSS Newbies

    ByMike McBride Reading Time: 1 minute

    So I’m scheduled to do a presentation next month to a group of fellow Litigation Support folks who are new to the idea of using RSS to keep track of the latest e-discovery blogs, and how to use other technologies like an RSS feed of “recommending reading” from those RSS feeds, or Wiki’s as knowledge…

  • |

    Linked: The Cybersecurity War is Here, and Everyone is a Combatant

    ByMike McBride Reading Time: 2 minutes

    I have said before that I think the biggest reason that customers and “regular” people don’t straight up demand businesses get better at security and privacy is that they don’t really understand it. This is closely followed by the fact that “regular people” aren’t necessarily damaged by these data leaks or anything else all that…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)