all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Thousands of Sites with Popup Builder Compromised by Balada Injector

Add to bookmarks
Jan. 10, 2024, 8:48 p.m. | Denis Sinegubko

Sucuri Blog blog.sucuri.net

On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was fixed in version 4.2.3.


A couple of days later, on December 13th, the Balada Injector campaign started infecting websites with older versions of the Popup Builder. The attack used a freshly registered (December 13) domain specialcraftbox[.]com. At the current time of writing PublicWWW detects the injection on over 6,200 sites.


Continue reading Thousands of …

balada balada injector black hat tactics builder campaign compromised december hacked websites injector installation malware obfuscation plugin popular popup redirects research stored xss version vulnerability website malware infections websites wordpress plugins and themes wordpress security wpscan xss

Visit resource

More from blog.sucuri.net / Sucuri Blog

From Privacy to Exfiltration: Telegram’s Role in Website Malware 2 days, 16 hours ago | blog.sucuri.net
abuse black hat tactics creators cybercriminals +21
WordPress Vulnerability & Patch Roundup May 2024 4 days, 13 hours ago | blog.sucuri.net
attacks automated awareness disclosures +32
How to Fix the NET::ERR_CERT_DATE_INVALID Error 1 week, 1 day ago | blog.sucuri.net
address can certificate connection +14
Server Side Credit Card Skimmer Lodged in Obscure Plugin 1 week, 3 days ago | blog.sucuri.net
attackers card credit credit card +22
What is HTTP 504 Gateway Timeout & How to Fix It 2 weeks, 4 days ago | blog.sucuri.net
best practices can error errors +14
What is HTTP Error 502 Bad Gateway & How to Troubleshoot It 3 weeks, 2 days ago | blog.sucuri.net
bad best practices can error +21
What is HTTP Error 429: Too Many Requests 3 weeks, 4 days ago | blog.sucuri.net
access can code error +15
Mal.Metrica Redirects Users to Scam Sites 4 weeks, 2 days ago | blog.sucuri.net
analysts black hat tactics click compromised +11
WordPress Vulnerability & Patch Roundup April 2024 1 month ago | blog.sucuri.net
april attacks automated awareness +33

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com