Zum Inhalt der Seite gehen
Over 1,000 WordPress Sites Infected with JavaScript Backdoors enabling persistent Attacker Access.

"Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed," c/side researcher Himanshu Anand said in a analysis last week.

https://cside.dev/blog/thousands-of-websites-hit-by-four-backdoors-in-3rd-party-javascript-attack

#wordpress #javascript #backdoors #it #security #privacy #engineer #media #tech #news
The development comes as the cybersecurity company detailed another malware campaign has compromised more than 35,000 websites with malicious JavaScript that "fully hijacks the user's browser window" to redirect site visitors to Chinese-language gambling platforms. <https://cside.dev/blog/over-35-000-websites-targeted-in-full-page-hijack-linking-to-a-chinese-language-gambling-scam> The findings also follow a new report from Group-IB about a threat actor dubbed ScreamedJungle that injects a JavaScript code-named Bablosoft JS into compromised Magento websites to collect fingerprints of visiting users. More than 115 e-commerce sites are believed to be impacted to date. <https://www.group-ib.com/blog/fingerprint-heists/> The injected script is "part of the Bablosoft BrowserAutomationStudio (BAS) suite," the Singaporean company said, adding it "contains several other functions to collect information about the system and browser of users visiting the compromised website."

Thousands of websites hit by four backdoors in 3rd party JavaScript attack

While analyzing threats targeting WordPress frameworks, we found an attack where a single 3rd party JavaScript file was used to inject four separate backdoors into 1,000 compromised websites using cdn.csyndication[.]com/.
c/side
#news #privacy #tech #wordpress #media #security #backdoors #it #engineer #javascript