Last month, a customer contacted us after noticing their WordPress website was unexpectedly redirecting to a spam domain. The redirection occurred approximately 4-5 seconds after a user landed on the site.

Upon closer inspection of the site’s source code we found a suspicious Google Tag Manager loading.

This isn’t the first time we’ve seen GTM abused. Earlier this year, we analyzed a credit card skimming attack where attackers injected a payment skimmer via a GTM container.

Continue reading WordPress Redirect Malware Hidden in Google Tag Manager Code at Sucuri Blog.

Via Sucuri.net