Hacker invaded Wyoming Medical Center

Hacker invaded Wyoming Medical Center

Hackers invaded Wyoming medical center systems forcing a hospital to cancel some surgeries, stop accepting ...
Read More

WeWork's WiFi network is leaking sensitive user information

WeWork WiFi vulnerabilities in the Manhattan-based company building which exposed sensitive company data, ...
Read More

Microsoft: The biggest risk for businesses is cyberattacks

According to a survey by Marsh and Microsoft, the biggest threat to businesses is cyberattacks. Nowadays,...
Read More

How to fix iOS 13 bugs in iPhone Mail app

If you have upgraded to iOS 13, then you may have discovered that the Mail app behaves a bit weird, which is ...
Read More

Check if your folders have malware with Windows Defender!

Windows comes with a free antivirus program, called Windows Defender, that offers continuous protection as well as the ability to ...
Read More
Latest Posts

Malvertising campaign exploits known vulnerabilities of WordPress


Some researchers of Defiant have discovered one new malvertising campaign, which he uses vulnerabilities of WordPress, to infects websites with malicious software.

Hackers exploit known vulnerabilities that have been identified in popular add-ons WordPresssuch as "Coming Soon and Maintenance Mode", "Yellow Pencil Visual CSS Style Editor" and "Blog Designer". These add-ons are installed on thousands of websites.

Hackers install a small piece code JavaScript, which installs an add-on malicious code from an external domain and executes it every time, where visitors are browsed to the infringed website.

The malvertising campaign, identified by the Defiant team, provokes the appearance unwanted pop-ups advertisements on sites and on redirecting users to malicious destinations.

In the beginning, the victims are led to a domain that controls the type of the visitor's device. Then, malicious code redirects them to malicious destinations, which can include technical support scams, malicious Android APKs, and various ads.

To carry out the campaign, the hackers they used cross-site scripting (XSS) vulnerabilities, which had been identified in Blog Designer and Coming Soon and Maintenance Mode, and an issue related to authentication that was detected in the Yellow Pencil.

"The vulnerability of Yellow Pencil could allow attackers to take full control of a site," the researchers said.

This vulnerability had been used in another hacking campaign in April.

The vulnerability is detected in the yellow-pencil.php file and can give the attacker administrator rights.

As far as cross-site scripting (XSS) vulnerabilities are concerned, most of them identified in this campaign were sent from IP addresses that were associated with popular hosting providers.

How useful was this post?

Average rating / 5. Vote count:

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by
Absent Mia

About Absent Mia

Being your self, in a world that constantly tries to change you, is your greatest achievement

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *