Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

This August, we’ve seen a new massive wave of WordPress infections that redirect visitors to unwanted sites.

When redirected, users see annoying pages with random utroro[.]com addresses and fake reCAPTCHA images. The messages and content try to convince visitors to verify and subscribe to browser notifications without disclosing the purpose of this behavior.

Alternative redirect URLs include:

hxxp://murieh[.]space/?h=930130016_dc950a456f7_100&h_l=&h_5=sub_id_2&h_2=def_sub

hxxps://unverf[.]com/?h=930130016_dc950a456f7_100&h_l=&h_5=sub_id_2&h_2=def_sub
Injected Scripts

The injected malware involves a script from one of the following two sites: cdn.eeduelements[.]com and cdn.allyouwant[.]online.

Continue reading Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins at Sucuri Blog.

Via Sucuri.net

Tags: , , ,

No comments yet.

Leave a Reply