Thousands of WordPress sites compromised by hackers


Attackers are using thousands of sites running on WordPress to launch attacks against innocent visitors.

First reported by Ars Technica, the malware campaign started almost three weeks ago but only picked up speed towards the end of last week when the amount of affected sites spiked dramatically.

Sucuri CTO Daniel Cid admitted as much in a blog post where he explained that the number of sites targeted per day went from 1,000 on Tuesday to almost 6,000 by Thursday as attackers aggressively look to target end users.

"If you think about it, the compromised websites are just means for the criminals to get access to as many endpoint desktops as they can," Cid said. "What's the easiest way to reach out to endpoints? Websites, of course."

Just 17% of sites blocked

The malware, known as 'visitorTracker_isMob', is thought to be taking advantage of vulnerabilities in WordPress plugins, however, Sucuri still hasn't been able to work out how the sites are actually being hacked into.

Google has already blocked some 17% of the attacked sites. The warnings inform users that the site in question has been compromised and gives them the choice whether to proceed or not. Cid went on to add that the attackers have also managed to crack security provider Coverity, something that is being used to their advantage.