Create a free account, or log in

Hundreds of WordPress sites compromised

Hundreds of websites based on WordPress 3.2.1 have been compromised, with visitors redirected to drive-by attack sites. Threatpost reports that the exploit works by creating a page on a compromised WordPress site which redirects users to a drive-by attack site. The attack site then uses the Phoenix exploit kit to attack a victim’s computer. Because most […]
Andrew Sadauskas
Andrew Sadauskas

Hundreds of websites based on WordPress 3.2.1 have been compromised, with visitors redirected to drive-by attack sites.

Threatpost reports that the exploit works by creating a page on a compromised WordPress site which redirects users to a drive-by attack site. The attack site then uses the Phoenix exploit kit to attack a victim’s computer.

Because most email filters have a list of suspicious websites, spam emails that link to a known attack site are usually blocked. However, by sending spam emails with links to a compromised WordPress site and then redirecting users from there, hackers are able to avoid being detected by email filters.

The news comes just days after a persistent cross-scripting flaw was discovered in the WordPress installation process. Alarmingly, WordPress officials say they aren’t planning to patch the installation vulnerability.

It is unclear at this time if the two issues are related.