WordPress under attack by whack-a-mole ad-scam malware

Forum Moderators: rogerd & travelin cat

Message Too Old, No Replies

WordPress under attack by whack-a-mole ad-scam malware

JavaScript attack spreads among sites, re-infects after cleansing

tangor

9:16 pm on Feb 3, 2016 (gmt 0)

Sucuri threat researcher Denis Sinegubko says a "massive" advertising scam campaign is affecting users visiting WordPress sites, injecting backdoors and constantly re-infecting sites.

The prolific virus-destroyer (@unmaskparasites) says writers are injecting code into all JavaScript files on a targeted WordPress sites.

[theregister.co.uk...]

Yet one more reason for "ad blockers" and "script blockers".

ken_b

12:11 am on Feb 4, 2016 (gmt 0)

At the risk of further illustrating my ignorance of such things..... does this ...

It sets an advertising cookie on infected machines

mean that if we surf with cookies blocked we avoid this?

.

tangor

12:53 am on Feb 4, 2016 (gmt 0)

It will help, of course, but there are other considerations in this ugly as well. If you also have your browser set to deny third party (ie, does not originate on the web site) AND deny js, you'll be better protected.

This, of course, will "break" the web in general (unless you don't mind reading source code).

Nothing wrong with js, other than it is not secure and never has been, or cookies, which are helpful in many regards, but the bad boys will always take advantage and in that, dear friends, is the rub. In this case it is js under assault.

Me? (just sayin') I have adblockers and script killers AND in the browser js turned OFF. I pick and choose when to allow ... and (sorry WP guys and gals) NEVER on a WordPress site. WP is too insecure. HOWEVER, most of the time I can still view content on WP sites with js dead, unless it has been modified for more js. :)

Nature of the Beast, so to speak.