Compromised WordPress sites serving client-side exploits and malware

Summary:Security researchers from TrendMicro are reporting on mass compromise of WordPress sites, currently serving client-side exploits and malware to users.

Security researchers from TrendMicro are reporting on mass compromise of WordPress sites, currently serving client-side exploits and malware to users who click on malicious links in the spamvertised emails connected with the campaign.

According to TrendMicro, cybercriminals are impersonating the Better Business Bureau and LinkedIn in their spamvertised emails, enticing end and corporate users into clicking on the malicious links found in the emails.

Upon clicking on the links, users are exposed to the Black Hole web malware exploitation kits, currently serving CVE-2010-0188 and CVE-2010-1885 exploits, ultimately dropping a CRIDEX malware variant.

Cybercriminals regularly take advantage of compromised legitimate infrastructure acting and distribution and infection vector for their malicious campaigns, in an attempt to trick web filters into correctly identifying the legitimate infrastructure where the distribution and infection vectors are hosted.

End and corporate users are advised to ensure that they're not running outdated versions of their-party software and browser plugins, as well as to avoid interacting with these emails.

Topics: Security, Malware

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.