According to researchers from Avast, the high trafficked Assassinscreedfrance.fr web site, has been serving ZeuS crimeware variants to its visitors for over 8 weeks. Moreover, the researchers point out that the web site is among the remaining 1,841 legitimate web sites serving the same crimeware variant.
The web site is currently returning a "Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /homepages/23/d207590046/htdocs/wp-content/plugins/countdown-timer/fergcorp_countdownTimer.php on line 1050" error message.
How did the malicious attackers obtained access to the affected gaming web site? By exploiting the outdated Wordpress version running on this domain. Avast is also confirming that based on an analysis of 6000 affected .com web sites, a huge percentage of them are susceptible to exploitation through outdated and vulnerable Wordpress plugins.
Users are advised to keep an eye for newer version of the popular blogging platform, including the introduction of new versions of the Wordpress plugins currently in use by their web sites.