Full stack web developer, interested in all the things, but especially the web, code, design, Linux, OS X, PHP, WordPress, JavaScript & robots.

Mysterious spike in WordPress hacks silently delivers ransomware to visitors

In the past four days, researchers from three separate security firms have reported that a large number of legitimate WordPress sites have been hacked to silently redirect visitors to a series of malicious sites. The attack sites host code from the Nuclear exploit kit that’s available for sale in black markets across the Internet. People who visit the WordPress sites using out-of-date versions of Adobe Flash Player, Adobe Reader, Microsoft Silverlight, or Internet Explorer can then find their computers infected with the Teslacrypt ransomware package, which encrypts user files and demands a hefty ransom for the decryption key needed to restore them.

Nasty. I wonder if it’s just a coincidence that WordPress 4.4.2 was released a few days ago, with details of the exploits it fixed?

Semi-related, my local County Council’s systems were shut down last week due to a ransomware attack. I think the payload was delivered by email, but the result was the same. Apparently, the ransom was $500 in Bitcoin.

$500. WTF!?

