Malware Disguised as Google Updates Pushed via Hacked News Sites


Hackers Push Malware via Compromised News, Corporate Sites

Hacked corporate sites and news blogs running using the WordPress CMS are being used by attackers to deliver backdoor malware that allows them to drop several second-stage payloads such as keyloggers, info stealers, and Trojans.

After gaining admin access to the compromised WordPress websites, the hackers inject malicious JavaScript code that will automatically redirect visitors to phishing sites.

Read more…