Fake “Fix It” Pop-Ups Target WordPress Sites via Malicious Plugin to Download Trojan
In our recent investigation, we discovered a new malware campaign targeting WordPress sites through a fake plugin, universal-popup-plugin-v133, which delivers deceptive browser fix pop-ups. This malware leverages social engineering tactics to deceive visitors into downloading malicious files, compromising their systems.
Type of website impacted and the scope of infection
We reported a similar fake browser update in a recent June article. The current version of this malware affects WordPress sites, and we saw a similar case in August, 2024 which is now detected by SiteCheck as malware.fake_update.7.