A sweeping, long-lasting malicious campaign dubbed “Balada Injector” has
compromised an estimated 1 million WordPress websites since its inception in
2017.
compromised an estimated 1 million WordPress websites since its inception in
2017.
The campaign leverages “all known and recently discovered theme and plugin
vulnerabilities” to inject a Linux backdoor that lets attackers gain
unauthorized access to affected websites. The campaign’s primary objective
appears to be redirecting users to fraudulent tech support pages, fake lottery
wins, and push notification scams.
According
