Security News > 2024 > April > Hackers deploy crypto drainers on thousands of WordPress sites
Almost 2,000 hacked WordPress sites now display fake NFT and discount pop-ups to trick visitors into connecting their wallets to crypto drainers that automatically steal funds.
Website security firm Sucuri disclosed last month that hackers had compromised approximately 1,000 WordPress sites to promote crypto drainers, which they promoted via malvertising and YouTube videos.
It is believed that the threat actors were unsuccessful with their original campaign and began deploying news scripts on the compromised sites to turn visitors' web browsers into tools for brute-forcing the admin passwords at other sites.
According to cybersecurity researcher MalwareHunterTeam, the threat actors have now begun monetizing the pool of sites to display pop-ups promoting fake NFT offers and crypto discounts.
Crypto drainers have become a massive problem for the cryptocurrency community, with threat actors hacking well-known X accounts and creating AI videos and malicious advertising to promote websites that utilize malicious scripts.
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites.