Sites Compromised with Different Infections

An in depth look at tow pieces of malware that redirects victims to a spammy casino websites. The discovery of two distinct infections within a singular site constitutes a significant finding, underscoring the importance of vigilant maintenance of updates and their inherent value.

Vulnerabilities within WordPress can lead to compromise, and oftentimes known vulnerabilities are utilized to infect WordPress sites with more than one infection. It is common for out of date websites to be attacked by multiple threat actors or targeted by the same attacker using multiple different channels.

We recently came across a database injection that has two different pieces of malware accomplishing two unrelated goals. The first injection redirects users to a spammy sports website and the second injection boosts authority of a spammy casino website within search engines.

The discovery of two distinct infections within a singular site constitutes a significant finding, underscoring the importance of vigilant maintenance of updates and their inherent value.

Would you like to read more? Visit the article at the Sucuri Blog.

https://blog.sucuri.net/2023/01/vulnerable-wordpress-sites-compromised-with-different-database-infections.html