all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign

Add to bookmarks
April 6, 2023, 7:25 p.m. | Denis Sinegubko

Sucuri Blog blog.sucuri.net

Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a proper name. Typically, we refer to it as an ongoing long lasting massive WordPress infection campaign that leverages all known and recently discovered theme and plugin vulnerabilities. Other organizations and blogs have described it in a similar manner, sometimes adding terms like “malvertising campaign” or naming domains that it was currently used (which amounts to …

balada injector black hat tactics blogs campaign domains hacked websites infection injector malvertising malvertising campaign malware malware campaign name obfuscation organizations plugin redirects sucuri synopsis team terms theme tracking vulnerabilities website malware infections website security wordpress wordpress plugins and themes wordpress security

Visit resource

More from blog.sucuri.net / Sucuri Blog

WordPress Vulnerability & Patch Roundup April 2024 1 day ago | blog.sucuri.net
april attacks automated awareness +33
What is a Zero-Day Vulnerability? 4 days, 23 hours ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 1 week ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 week, 5 days ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 1 week, 6 days ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 2 weeks, 5 days ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 3 weeks ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 3 weeks, 6 days ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 1 month ago | blog.sucuri.net
attacks automated awareness best practices +32

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Threat Analysis Engineer

@ Gen | IND - Tamil Nadu, Chennai
View on infosec-jobs.com

Head of Security

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com

IT Security Vulnerability Management Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Security Engineer - Netskope/Proofpoint

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Journeyman Cybersecurity Analyst

@ ISYS Technologies | Kirtland AFB, NM, United States
View on infosec-jobs.com
View more jobs