Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages

data breach


network threats

AI generated Image

The rogue code is inserted in the WordPress index.php file, with Sucuri noting that it has removed such changes from more than 33,000 files on the compromised sites in the past 60 days. Even more troublingly, the website for one such ad blocker named Crystal Blocker is engineered to display misleading browser update alerts to trick the users into installing its extension depending on the web browser used. Thus when unsuspecting users land on one of the hacked WordPress sites, a redirect chain is triggered by means of a traffic direction system, landing the victims on pages serving sketchy ads about products that ironically block unwanted ads.

Source read time: 2 min - thehackernews.com

Also offered in: Nederlands

More news for you