A cybersecurity breach has impacted over 1,000 WordPress websites, introducing malicious JavaScript that installs four distinct backdoors. These vulnerabilities enable persistent access for attackers, allowing them to execute commands and redirect users to Chinese gambling sites. Recommendations for users include removing unwanted SSH keys, updating admin credentials, and monitoring logs. This incident is part of a larger trend of website compromises, with another report noting 35,000 sites targeted in a separate attack involving browser hijacking via malicious scripts.
Over 1,000 WordPress sites were compromised by malicious JavaScript code injecting four backdoors, allowing attackers persistent access and control over these websites.
The four backdoors enable multiple points of re-entry for attackers, ensuring continued access even if one is detected and removed.
Collection
[
|
...
]