Keylogger Found on Nearly 5,500 Infected WordPress Sites

9 December 2017

Nearly 5,500 WordPress sites are infected with a malicious script that logs keystrokes and sometimes loads an in-browser cryptocurrency miner.

The malicious script is being loaded from the “cloudflare.solutions” domain, which is not affiliated with Cloudflare in any way, and logs anything that users type inside form fields as soon as the user switches away from an input field.

The script is loaded on both a site’s frontend and backend, meaning it can also log usernames and passwords when logging into a site’s admin panel.

Read full news article on BleepingComputer

Date:

9 December 2017

Categorie(s):

NEWS

Tag(s):

Keylogger, Wordpress

20 Best Linux Password Managers in 202428 April 2024
Reliable Web App Pattern: Now Optimizes Azure Migration with Enhanced Infrastructure and Security28 April 2024
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks28 April 2024
Good Security Is About Iteration, Not Perfection.28 April 2024
Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 202428 April 2024