Security News > 2022 > November > Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign

A new malicious campaign has compromised over 15,000 WordPress websites in an attempt to redirect visitors to bogus Q&A portals.

"These malicious redirects appear to be designed to increase the authority of the attacker's sites for search engines," Sucuri researcher Ben Martin said in a report published last week, calling it a "Clever black hat SEO trick."

The search engine poisoning technique is designed to promote a "Handful of fake low quality Q&A sites" that share similar website-building templates and are operated by the same threat actor.

It's worth pointing out that the redirects don't occur if the wordpress logged in cookie is present or if the current page is wp-login.

The ultimate goal of the campaign is to "Drive more traffic to their fake sites" and "Boost the sites' authority using fake search result clicks to make Google rank them better so that they get more real organic search traffic."

It's not immediately clear how the WordPress sites are breached, and Sucuri said it did not notice any obvious plugin flaws being exploited to carry out the campaign.

News URL

https://thehackernews.com/2022/11/over-15000-wordpress-sites-compromised.html