Security News > 2023 > April > Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign

Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
2023-04-10 10:16

Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017.

The massive campaign, per GoDaddy's Sucuri, "Leverages all known and recently discovered theme and plugin vulnerabilities" to breach WordPress sites.

The report builds on recent findings from Doctor Web, which detailed a Linux malware family that exploits flaws in more than two dozen plugins and themes to compromise vulnerable WordPress sites.

Balada Injector further carries out broad searches from top-level directories associated with the compromised website's file system to locate writable directories that belong to other sites.

"Most commonly, these sites belong to the webmaster of the compromised site and they all share the same server account and the same file permissions," Sinegubko said.

WordPress users are recommended to keep their website software up-to-date, remove unused plugins and themes, and use strong WordPress admin passwords.


News URL

https://thehackernews.com/2023/04/over-1-million-wordpress-sites-infected.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 49 36 409 104 29 578