By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    What is a rootkit and how to remove it
    8 months ago
    The Mask – Unveiling the World’s Most Sophisticated APT Campaign
    8 months ago
    Regin APT Attacks Among the Most Sophisticated Ever Analyzed
    8 months ago
    Latest News
    Safeguards against firmware signed with stolen MSI keys
    2 days ago
    WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
    2 days ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
    1 week ago
    Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign
    1 week ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    For 0-day vulnerabilities in Windows, temporary patches
    8 months ago
    Windows 11 22H2 (build 22621.317) outs in the Release Preview Channel
    8 months ago
    How to avoid problems installing Windows 11 22H2
    8 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    4 months ago
    Now you can speed up any video in your browser
    4 months ago
    How to restore access to a file after EFS or view it on another computer?
    4 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    5 months ago
  • How To
    How ToShow More
    What is two-factor authentication | Kaspersky official blog
    3 days ago
    Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
    5 days ago
    NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
    5 days ago
    How Oxy uses hooks for maximum extensibility
    How Oxy uses hooks for maximum extensibility
    6 days ago
    The personal threat landscape: securing yourself smartly
    6 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    Amazing free and open-source program for screenshot or record any area of your screen ShareX.
    8 months ago
    Popular Convert Plus Plugin Vulnerability Exploit
    8 months ago
    Windows 11 to boost game load times with DirectStorage 1.1 GPU decompression
    8 months ago
    Latest News
    How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
    3 days ago
    How to enable Taskbar End Task option to close apps on Windows 11
    3 days ago
    How to check USB4 devices specs from Settings on Windows 11
    3 days ago
    How to enable new header UI for File Explorer on Windows 11
    1 week ago
  • Glossary
  • My Bookmarks
Reading: Hackers create fraudulent online stores on top of hacked WordPress sites
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

Hackers create fraudulent online stores on top of hacked WordPress sites

Tom Grant
Last updated: 13 October
Tom Grant 3 years ago
Share
3 Min Read


Akamai Specialist Larry Cashdollar discovered a hacker group that is using hacked WordPress sites in a very interesting way. Firstly, hackers run fraudulent online stores over these resources. Secondly, they poison XML maps to influence search results.

The attackers use brute force attacks to gain access to the site administrator account, after which they overwrite the main index file of the WordPress site and add malicious code to it.


Although this code was heavily obfuscated, Cashdollar writes that the main role of this malware was to act as a proxy and redirect all incoming traffic from hacked sites to a remote server of criminals. It was on this server that the most interesting thing happened. A typical attack looked like this:

  • the user visits the hacked WordPress site;
  • hacked site redirects user request to malware control server;

  • if the user meets certain criteria, the hacker's server tells the site to respond to the visitor with an HTML file with a fraudulent online store selling a wide range of goods;
  • The hacked site responds to the user's request by showing a fraudulent store instead of the original site the user intended to view.



  • According to the expert, by that time By the time the hackers got to his decoy server, they had already launched over 7,000 of these fake stores.


    In addition, the hackers generated XML maps for the hacked resource ov, which contained records of fraudulent online stores along with authentic pages of the site. The attackers created such maps, “feed” them to the Google search engine, and then removed the maps from sites to avoid detection.


    Although this procedure looks harmless, it actually had a great impact on affected sites. The fact is that in the end, such XML maps significantly reduced the rankings of resources in search results. According to Cashdollar, such malware can be used for SEO-related extortion. For example, criminals deliberately lower the ranking of a site in search results, and then ask its owners for a ransom in order to eliminate the consequences of the attack and “return everything as it was.”


Translate this article

TAGGED: Malware, WordPress
Tom Grant October 13, 2022 September 30, 2020
Share this Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Safeguards against firmware signed with stolen MSI keys
Threats 2 days ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats 2 days ago
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
News 3 days ago
How to enable Taskbar End Task option to close apps on Windows 11
News 3 days ago
How to check USB4 devices specs from Settings on Windows 11
News 3 days ago

Recent Posts

  • Safeguards against firmware signed with stolen MSI keys
  • WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
  • How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
  • How to enable Taskbar End Task option to close apps on Windows 11
  • How to check USB4 devices specs from Settings on Windows 11

You Might Also Like

Threats

Safeguards against firmware signed with stolen MSI keys

2 days ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats

WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin

2 days ago
How To

The personal threat landscape: securing yourself smartly

6 days ago
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
Wordpress Threats

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)

1 week ago
Show More

Related stories

How to Use Cloudflare to Secure Your WordPress Site
How To Starting Chrome from the command line
How to fix error 0x80070057 in Chrome?
Windows 10 How To Disable Slide to Shutdown
Windows search not working (FIX)
How to watch movies and TV series for free on Kinopoisk?
Previous Next

10 New Stories

What is two-factor authentication | Kaspersky official blog
Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
How Oxy uses hooks for maximum extensibility
The personal threat landscape: securing yourself smartly
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
Previous Next
Hot News
Safeguards against firmware signed with stolen MSI keys
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
How to enable Taskbar End Task option to close apps on Windows 11
How to check USB4 devices specs from Settings on Windows 11
10alert.com10alert.com
Follow US

© 10 Alert Network. All Rights Reserved.

  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?