Windows
Mac OS
Mobile

Latest world news: November 13th, 2017 - Keylogger was found in the Mantistek keyboards RSS Feed

Home>Articles>Keylogger was discovered on 5500 sites powered by WordPress
Top keyloggers
View more...

Keylogger was discovered on 5500 sites powered by WordPress

by thehackernews

The specialists of Sucuri company have been monitoring for a long time one malicious enterprise, the roots of which belong to cloudflare.solutions domain. Sure thing that this domain has nothing to do with the Cloudflare company, but fraudulent scripts use exactly this source for spreading. They have the same principle as keyloggers, which consists in stealing all the sensitive data of users. Sometimes, such scripts can load different cryptocurrency miners on the already infected sites.

In April 2017 analytics have noticed such campaign for the first time. Along with advertising banners, a malicious JavaScript penetrated into compromised sites. Recently, there was the second incident, in November 2017. The same hackers, but a slightly changed strategy: malicious scripts begin to disguise as jQuery and Google Analytics JavaScript. Actually, they represent Coinhive web miner. According to researches of analytics, this campaign infected 1833 sites.
The investigators reported that hackers change their tactic again. The scripts are still doing mining thanks to the visitors of compromised sites. Besides, the features of keyloggers are already used in their strategy.

First of all, attackers are interested in sites managed by WordPress, which are the main target of this team. Criminals compromise resources in any way they want, and then conceal their scripts, for example, in the functions.php file.
The experts emphasized that malicious scripts are downloaded both on the frontend and on the backend of sites, that is, they are able to capture logins and passwords that users type when logging into admin panel. On the frontend, scripts usually steal information intended for comments. After all, WordPress remain to be the basis for many online stores. This means that the numbers of bank cards and other personal data of users are at a great risk.

According to PublicWWW, these malicious scripts now penetrate into 5496 resources (Alexa admitted that these sites are among 200 000 of the most popular ones).
Read the full article
Home>Articles>Keylogger was discovered on 5500 sites powered by WordPress
IMPORTANT! Installing computer monitoring tools on computers you do not own or do not have permission to monitor may violate local, state or federal law.