google-site-verification: google30a059f9a075f398.html

2000 WordPress Sites Infected with a Keylogger to steal admin password and Coinhive to Mine Cryptocurrency

CyberWisdom Safe Harbor Commentary on WordPress sites:

Today I came across this story from thehackernews.com that highlights more than 2,000 WordPress sites were once again found infected with an encryption mining malware that not only stole the visitor’s computer resources to dig digital money but also recorded every visitor’s keystroke.

Security researchers at Sucuri discovered a malicious activity that infected WordPress sites with malicious scripts, crypto-currency miners in browsers from CoinHive and a keylogger.
Coinhive is a popular browser-based service that provides site owners with a mechanism for embedding JavaScript to exploit the CPU capabilities of their site visitors to monetize Monero’s cryptocurrency.

Researchers at Sucuri say the threat behind this new campaign is the threat that infected over 5,400 WordPress sites last month, as both used keyloggers/cryptocurrency malware called cloudflare [. ]solution.
Cloudflare [. The solution, released in April last year, is cryptocurrency mining malware and has nothing to do with network management and cyber security company Cloudflare. Malware uses cloudflare [. ] Solution domain to spread malware initially, so this name is already given.
This malware was updated in November and includes a keylogger. Keyloggers behave in the same way as previous activities and can steal the site’s administrator login page and the site’s public front desk.

WordPress sites keyboard record
If the infected WordPress site is an e-commerce platform, hackers can steal more valuable data, including payment card data. If hackers manage to steal administrator credentials, they can log into the site without relying on the flaws to enter the site.

Read more…

More than 2,000 WordPress websites have once again been found infected with a piece of crypto-mining malware that not only steals the resources of visitors’ computers to mine digital currencies but also logs visitors’ every keystroke. Security researchers at Sucuri discovered a malicious campaign that infects WordPress websites with a malicious script that delivers an in-browser Engaging post, Read More…

thumbnail courtesy of thehackernews.com


If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post » 2000 WordPress Sites Infected with a Keylogger to steal admin password and Coinhive to Mine Cryptocurrency