According to HelpNet Security, thousands of compromised WordPress, Joomla and SquareSpace-based sites are actively pushing malware disguised as Firefox, Chrome and Flash Player updates to visitors.
This campaign has been going on since at least December 2017 and has been gaining steam. The malicious actors are injecting JavaScript that triggers the download requests into the content management systems’ JavaScript files or directly into the sites’ homepage.
How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%
According to Malwarebytes’ estimates, thousands or WordPress and Joomla sites and a little over 900 SquareSpace sites have been injected with the malicious scripts.
Read more: HelpNet Security