Cybercriminals attacked several WordPress websites by sending fake Cloudflare DDoS pop-ups infected with remote access trojan malware. WordPress users were shown pop-ups that suggested downloading an update to protect their system. Upon downloading and installing the update, the infected files activated the trojan malware on the user’s device and multiple servers. The DDoS (distributed denial-of-service) messages on WordPress resulted from several JavaScript injections targeting the website.
According to a report by website security and protection platform Sucuri, files injected with trojan malware popped up on the screen while users were on WordPress. The users were asked to open the file to get a verification code to access WordPress. A “personal verification code” was displayed on the screen, and the user was asked to enter it on the site. It was this file that contained the remote access trojan.
The fake Cloudflare DDoS prompts were downloaded in the form of an .iso file, which installed the NetSupport RAT and enabled remote access to the system without the user’s knowledge. As per the report, the Raccoon stealer malware was injected to copy passwords, cookies, and autofill data from browsers. Interestingly, the file injected with the remote access trojan was flagged as “malicious” by several security vendors.
The DDoS pop-ups displayed while trying to access WordPress can impact users in various ways, such as stealing their passwords, taking screenshots of online activities, changing system settings, selling bank details on the dark web, and slowing down entire networks, among others.
Keeping all software up to date is one way for users or companies to safeguard their networks from fake DDoS pop-ups or similar DDoS attacks. Not clicking on fake DDoS pop-ups is very important; closing them as they appear is advised. A script blocker may also help block malicious files from running on user devices.