If you have visited a website in the last few days and have been randomly redirected to the same page for sketchy “resources” or unwanted ads, most likely the website in question 1) is built using WordPress tools and 2) was hacked.
Researchers at Sucuri, a security provider owned by GoDaddy, revealed Wednesday that the hackers behind the months-long campaign focused on injecting malicious scripts into WordPress themes and plugins with known security flaws.
Notably, these hacks are related to themes and plugins built by thousands of third-party developers using the open-source WordPress software, not WordPress.com, which provides hosting and tools to build a website. WordPress.com’s parent company, Automattic, is a major contributor to the software, but does not own it.
According to Sucuri, 322 WordPress sites with plugins and themes were affected by this new vulnerability, although “the actual number of affected sites is likely much higher.”
In April alone, hackers used this tactic to infect nearly 6,000 websites, said Sucuri malware analyst Krasimir Konov.
“This page tricks unsuspecting users into subscribing to push notifications from the malicious site. If they click on the fake CAPTCHA, they’ll be opted in to receive unwanted ads even when the site isn’t open — and ads will look like they come from the operating system, not from a browser,” Konov wrote.
If that weren’t bad enough, Konov said that opt-in maneuvers for push notifications are one of the most common ways hackers can run tech support scams. These consist of the annoying windows that pop up out of nowhere to tell you that your computer is infected and that you should call a phone number to get it fixed. Do not do this. The Federal Trade Commission, which is an expert in detecting scams, helpfully pointed out that true safety messages and warnings don’t ask you to dial a phone number for technical assistance.
WordPress.com told Gizmodo on Thursday that plugins and themes are written and maintained independently of the core WordPress software. Regarding Sucuri’s report, the company said any plugins or themes hosted on the software’s website, WordPress.org, “are regularly scanned for vulnerabilities.”
“Plugin and theme authors are notified immediately if a security issue is discovered. According to Sucuri’s report, any unpatched plugin is either down or not hosted on WordPress.org. WordPress.org also provides theme developers and plugin developers with security resources,” a WordPress.com spokesperson said. “For self-hosted sites, WordPress users are notified and encouraged by default to update core software, plugins, and themes.”
The spokesperson added that the website hosted on WordPress.com also provides services to resolve the vulnerabilities mentioned in the report.