Author Topic: Stealthy Malware Disguises Itself as a WordPress License Key  (Read 296 times)

0 Members and 1 Guest are viewing this topic.

Offline Antus67

  • Full Member
  • ***
  • Posts: 62
    • View Profile
Stealthy Malware Disguises Itself as a WordPress License Key
« on: January 31, 2019, 01:04:44 PM »

Author: Tara Seals
January 30, 2019 11:59 am





A spam injector hides in plain site within WordPress theme files.

UPDATE

A spam-injecting malware is targeting WordPress site owners by disguising itself as a legitimate license key for a WordPress design theme.

According to analysis from Sucuri, a customer opened a malware removal ticket reporting “some weird spam URLs injected onto their WordPress website.” After further investigation into the files on the website, analysts uncovered a hidden encoded spam injector malware in the “./wp-content/themes/toolbox/functions.php” WordPress theme, masquerading as a license key.

Full Article Here:https://threatpost.com/malware-wordpress-license-key/141315/