Sucuri threat researcher Denis Sinegubko says a “massive” advertising scam campaign is affecting users visiting WordPress sites, injecting backdoors and constantly re-infecting sites. The prolific virus-destroyer (@unmaskparasites) says writers are injecting code into all JavaScript files on a targeted WordPress sites.
Sinegubko says first time visitors will cop a cookie that generates fraudulent advertising income for VXers. “This past weekend we registered a spike in WordPress infections where hackers injected encrypted code at the end of all legitimate .js files,” Sinegubko says.
Original Source: The Register
View the full story here