Security News > 2024 > April > Hackers deploy crypto drainers on thousands of WordPress sites
Almost 2,000 hacked WordPress sites now display fake NFT and discount pop-ups to trick visitors into connecting their wallets to crypto drainers that automatically steal funds.
Website security firm Sucuri disclosed last month that hackers had compromised approximately 1,000 WordPress sites to promote crypto drainers, which they promoted via malvertising and YouTube videos.
It is believed that the threat actors were unsuccessful with their original campaign and began deploying news scripts on the compromised sites to turn visitors' web browsers into tools for brute-forcing the admin passwords at other sites.
According to cybersecurity researcher MalwareHunterTeam, the threat actors have now begun monetizing the pool of sites to display pop-ups promoting fake NFT offers and crypto discounts.
Crypto drainers have become a massive problem for the cryptocurrency community, with threat actors hacking well-known X accounts and creating AI videos and malicious advertising to promote websites that utilize malicious scripts.
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites.
News URL
Related news
- zkLend loses $9.5M in crypto heist, asks hacker to return 90% (source)
- Hackers pose as employers to steal crypto, login credentials (source)
- North Korean hackers linked to $1.5 billion ByBit crypto heist (source)
- FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist (source)
- Hackers target AI and crypto as software supply chain risks grow (source)
- The 4 WordPress flaws hackers targeted the most in Q1 2025 (source)
- Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- Hackers abuse WordPress MU-Plugins to hide malicious code (source)