Welcome to WebmasterWorld Guest from 18.104.22.168
We are seeing a large number of WordPress sites compromised with the “visitorTracker_isMob” malware code. This campaign started 15 days ago, but only in the last few days have we started to see it gain traction; really affecting a large number of sites. Report: New Malware Campaign Targeting Vulnerable WordPress Plugins [blog.sucuri.net]
We detected thousands of sites compromised with this malware just today and 95% of them are using WordPress. We do not have a specific entry point determined yet, but it seems to be a campaign targeting latest vulnerabilities in plugins. Out of all the sites we detected to be compromised, 17% of them already got blacklisted by Google and other popular blacklists.
The amazing thing is how many sites that use it , don't need to use either it or the add ons, they are small enough not to need a CMS, they use no comments, would be fine as just flat files ..Ahh, but that would require some learning.
Many plugins only perform some cosmetic task that could be easily assigned to css.