Close Menu
  • Home
  • Identity
  • Inventions
  • Future
  • Science
  • Startups
  • Spanish
What's Hot

The Future of Process Automation is Here: Meet TwinH

Jack Dorsey says his “safe” new bitchat app hasn’t been tested for security

Hallucinations about soundslice on chatgpt music app frequently, founders have made to lie

Facebook X (Twitter) Instagram
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions
  • User-Submitted Posts
Facebook X (Twitter) Instagram
Fyself News
  • Home
  • Identity
  • Inventions
  • Future
  • Science
  • Startups
  • Spanish
Fyself News
Home » The hacker hijacks the WordPress site and pushes Windows and Mac Malware
Startups

The hacker hijacks the WordPress site and pushes Windows and Mac Malware

userBy userJanuary 29, 2025No Comments4 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

Hackers are trying to change their visitors to download thousands of websites to deceive thousands of websites, deceive thousands of web sites, and install malware.

Simon Wijckmans, the founder and CEO of the Web Security Company C/Side, told TechCrunch on Tuesday that the hacking campaign was still “very many live.”

Hacker’s goal is to spread malware that can steal passwords and other personal information from both Windows and Mac users. According to C/Side, some of the hacked websites are ranked on the most popular site on the Internet.

“This is a wide and very commercialized attack,” said Himanshu Anand, who wrote the company’s survey results. Anand said that the campaign was not a specific person or a group, but a “spray and pay” attack for compromising those who visit these websites.

When a hacked WordPress site is loaded into a user browser, the content is quickly changed and the fake Chrome browser update page is displayed, downloaded to visitors on the website, installed to display the website. I will do it. If the visitor accepts the update, the hacked website encourages visitors to download a specific malicious file to masculate as an update, depending on whether the visitor is on the Windows PC or Mac.

WijckMans has sent a list of malicious domains in a company that develops and distributes WordPress.com, a hacking campaign, and warned that contacts at the company have accepted e -mail reception.

When I contacted TechCrunch before publishing, Megan Fox, Automattic spokesman, did not comment on the news time. After the release, Automattic stated that the security of the third party plug -in was ultimately responsible for the WordPress plugin developer.

“There is a specific guideline that the author of the plugin must consult and comply with the plug -in author to ensure the overall quality and user safety of the plug -in. You can freely use plug -in handbooks covering many security tofics, such as manage best practices and plugin security, “said Spokesman.

C/Side stated that it has identified more than 10,000 websites, which seemed to have been compromised as part of this hacking campaign. According to Wijckmans, the company has detected malicious scripts in several domains by crawging the Internet and performing reverse DNS lookup. This is a method of finding a domain and website associated with a specific IP address, clarifying the domain that hosts malicious scripts.

TechCrunch could not confirm the accuracy of C/Side’s numbers, but on Tuesday, I saw one of the hacked WordPress websites, which still displayed malicious content.

From WordPress to Infostealing Malware

Two types of malware pushed on malicious websites are known as Amos (or AMOS Atomic Stealer) for MacOS users. Socgholish targeting Windows users.

In May 2023, Cyber ​​Security Company Sentinelone published a report on Amos, infected malware with Infostealer, computers, and many user names and passwords, session Cookie, Crypto Walet, and other confidential data that enables hackers. We classify the type of malware designed to steal. Invents further into the victim’s account and steals digital currency. Cyber, a cyber security company, reported that hackers were selling Telegram’s access to Amos Malware.

PATRICK WARDLE, a co-founder of Cyber ​​Security Startup Doubleyou, who is a macOS security expert and a co-founder of Cyber ​​Security Startup DoubleYou, tells TechCrunch that Amos is “MacOS’s most many-crafted stellar”. Created with a-service business model. Malware developers and owners sell them to hackers sold to hackers.

Wardle also said, “The user still needs to do it manually and jumps over a lot of hoops to install a lot of hoops in order to properly install the malicious files found by C/Side. You need to bypass. ”

This may not be a state -of -the -art hacking campaign, but considering that the hacker rely on the target and falls into a fake update page and installs malware, this is a chromium browser via the built -in software update function. It is a good reminder to update. Also, install only reliable apps on personal devices.

Malware and qualifications that steal passwords have been accused of some of the largest hacking and data infringement in history. In 2024, the hacker gained a lot of accounts of a company that hosted confidential data on a huge cloud computing snowflake, using a password stolen from a Snowflake customer computer.

This story has been updated to include comments from Automattic spokesman.


Source link

Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticleDonald Trump goes to war with his employees
Next Article Donald Trump’s education department has reduced DEI programs and staff
user
  • Website

Related Posts

Jack Dorsey says his “safe” new bitchat app hasn’t been tested for security

July 9, 2025

Hallucinations about soundslice on chatgpt music app frequently, founders have made to lie

July 9, 2025

Linda Jaccarino resigns as CEO of Elon Musk’s X

July 9, 2025
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

The Future of Process Automation is Here: Meet TwinH

Jack Dorsey says his “safe” new bitchat app hasn’t been tested for security

Hallucinations about soundslice on chatgpt music app frequently, founders have made to lie

Gold Melody IAB exploits exposed ASP.NET machine keys to unauthorized access to targets

Trending Posts

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to Fyself News, your go-to platform for the latest in tech, startups, inventions, sustainability, and fintech! We are a passionate team of enthusiasts committed to bringing you timely, insightful, and accurate information on the most pressing developments across these industries. Whether you’re an entrepreneur, investor, or just someone curious about the future of technology and innovation, Fyself News has something for you.

The Future of Process Automation is Here: Meet TwinH

Robots Play Football in Beijing: A Glimpse into China’s Ambitious AI Future

TwinH: A New Frontier in the Pursuit of Immortality?

Meta’s Secret Weapon: The Superintelligence Unit That Could Change Everything 

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions
  • User-Submitted Posts
© 2025 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.