Malware attack infects more than 100,000 web sites

Malware attack infects more than 100,000 web sites

A new online malware attack has claimed more than 100,000 web sites since this past Sunday and the number keeps on growing, a report from the online security firm Sucuri says.

The origin of the malware is Russia and all affected web sites run WordPress. The attack so far has prompted Google to blacklist more than 11,000 of the affected domains. The malware does its evil deeds through a previously known vulnerability in a WordPress plug-in called Slider Revolution and modifies the wp-includes/template-loader.php file, causing the wp-includes/js/swobject.js file to be loaded on every page on the site, which in turn loads the malware from a Russian website.

Not everyone is affected but if you run WordPress via Internet Explorer you might become a victim. In addition to that the yet unnamed malicious software makes use of a number of new backdoor payloads, some of which get injected into images to further assist evasion while others are being used to inject new administrator users into vulnerable WordPress installs. Unfortunately the malware is not easy to stop or remove – if you delete the aforementioned files this will not address the leftover backdoors and initial entry points. The only way to get rid of the malware is to make sure that the Slider Revolution plug-in is up to date but this is not easy – some web sites do not even know that they have the plug-in.

In the meantime you can find out if your web site is affected here – just use Sucuri’s free site scanner.

Source: Techspot.com

Related posts

NEC ships 3D ready NP115 DLP projector

NEC America announced a new addition to NP Value Series projectors - the NP115, which will replace the successful NP110 model designed for growing small-to-medium businesses and education environments. The NP115 offers 2500-lumen brightness, its 3D-Ready, packs 7-watt speaker and features ECO...

Core i7-6700K gets tested against Core i7-4790K

Core i7-6700K gets tested against Core i7-4790K

The web site Techbang.com has published the first test results of the upcoming Intel Core i7-6700K processor, which will be Intel’s flagship desktop CPU for the future Skylake generation. As you know these chips will appear on August 5 and will power an entirely new platform that will include...

Sony unveils Cyber-shot DSC-WX5, DSC-TX9 3D cameras and 14 megapixel DSC-T99

Sony today refreshed its Cyber-shot digital cameras with two new models DSC-TX9 and DSC-WX5,  that are claimed to be "the world’s smallest 3D cameras", capable to capture 3D images with a single lens system using a sweeping motion. Both DSC-WX5 and DSC-TX9 are powered by 12.2 megapixel Exmor...

Leave a comment