Malicious Redirect Campaign Attacks WordPress Websites, Redirecting Visitors To Harmful Sites

Be careful with your WordPress websites and make sure to keep everything updated. Reports from various media platforms point to a malicious redirect campaign that’s targeting WordPress websites by exploiting vulnerabilities in some plugins. These attacks are redirecting visitors to several harmful websites.

Here’s a list of plugins where potential vulnerabilities have been found:

https://wordpress.org/ plugins/nd-shortcodes/
https://wordpress.org/ plugins/nd-donations/
https://wordpress.org/ plugins/nd-travel/
https://wordpress.org/ plugins/nd-booking/
https://wordpress.org/ plugins/nd-learning/
https://wordpress.org/ plugins/simple-301-redirects-addon-bulk-uploader/
https://wordpress.org/ plugins/woo-confirmation-email/
https://wordpress.org/ plugins/yellow-pencil-visual-theme-customizer/
https://wordpress.org/ plugins/responsive-coming-soon/
https://wordpress.org/ plugins/blog-designer/

If you are using any of these plugins in your wodpress installations, reach out to the plugin support to fix it or disable it till you make sure it’s safe to use.

Also, make sure you have a reliable WordPress Security Plugin installed on your website.

Data source: https://www.wordfence.com/blog/2019/08/malicious-wordpress-redirect-campaign-attacking-several-plugins/

Are You In Need Of A Million Dollars? Hack An iPhone And Get It!

In an attempt to discover vulnerabilities on iPhone or iOS, Apple offers a million dollars to those who can hack an iPhone.

There is no doubt that, when it comes to security, Apple is one of the leading companies in the market. The Cupertino-based company knows it and wants it to remain so, so it offers a million dollars to anyone who can hack one of their iPhone, as they pointed out at the Black Hat conference. The objective of the company is to discover any vulnerability that may affect any of its terminals.

In addition, currently any hacker can opt for the reward, while previously the prize was restricted to a few who had been invited by Apple itself to try. As Forbes pointed out, the company will also extend this program to other systems, such as its Mac computers, watchOS or the Apple TV operating system.

On the other hand, Forbes emphasizes that technology will facilitate development devices for participants in this program. Something that, as expected of the company, allows hackers to better understand the operation of the iOS operating system.

In this way, the million dollars will go to the bank account of any person who can carry out the execution of a code without user interaction. Apple also contemplates other rewards for finding other vulnerabilities in its system. And the fact that iOS is more secure than others does not imply that it is free of vulnerabilities.

This is demonstrated by errors such as the one found in the walkie-talkie application for your AppleWatch, which allowed you to listen to conversations from other iPhone. Or the “video conferencing application” Zoom for Mac, which also had an error that allowed spying on users. In both cases, the apple company managed to find a solution quickly.

A New Computer Virus Is Spreading That Records People While Watching Porn

Reports from various tech analysts indicate that a new computer virus called Varenyky is spreading quickly, a malware that records people while watching pornography. The group behind the virus then asks for a payment in exchange for not sharing the stolen images.

Regardless of how powerful people think their antivirus programs are, people are never completely safe on the Internet. The rapid development of technology facilitates the search for a backdoor to steal your information. ESET, the cybersecurity company, has discovered a new “malware” that allows users to take screenshots while watching pornography. The virus, called Varenyky, can take screenshots of the smartphone from those who enter a page offering such content.

It was discovered in May, although its distribution was unknown. From the cybersecurity firm, they point out that this has an impact in France. “Malware” infiltrates the devices through an antispam bot (spam) which, according to the company, has evolved only to avoid being removed from infected terminals.

The mail is presented in the form of an invoice, written in French, in which a payment of 491 euros is requested. Once the recipient has interacted with the document contained in the document, a message appears indicating that it is protected by Microsoft Word. It therefore requires human verification. After opening the device is infected.

“To infect victims’ devices, cybercriminals use spam with an illicit attachment in the form of a fake invoice. To open a file, it is necessary to pass a system check to confirm that it is not a robot. then the spyware executes the dangerous component, “they stress since ESET.

Once installed, Varenyky can steal passwords and access the victim’s email accounts. Then, the device starts recording each time the user enters a web page of adult content and sends the records to his or her contacts. ESET has already recorded a case of sextorsion involving a victim of French origin. A group of hackers contacted the user asking for a payment of 750 euros in bitcoins in exchange for not sharing the recordings in which, apparently, this seems to consume pornography. At the same time, cybercriminals have threatened to share this content with all of the victim’s cultures.

As ESET pointed out, Varenyky can only record on the screen of the infected device, not on the camera. The cybersecurity firm says, in turn, that at present no stolen content with the use of Varenyky has been released.

FATF To Design Software To Track Bitcoin And Cryptocurrency Transactions

The Financial Action Task Force (FATF), said to be developing a tracker system to find digital currency transactions and about 15 countries to be using this to gain personal transactions data from their citizens, says a recent report by Nikkei.

About 15 countries are considering creating a new system to collect and share personal data from people who perform cryptocurrency transactions. The aim is to prevent money laundering, its use by terrorist organizations or its illicit use.

The system would be designed by the Financial Action Task Force (FATF), an international organization of more than 30 member countries and economies. The goal is to establish detailed measures by 2020 and put the system into operation a few years later.

Once in place, the system would be managed by the private sector. As many countries have not yet established a cryptocurrency regulatory regime, international cooperation could accelerate the development of legal measures. The new system will be developed by some 15 countries, including G-7 members Australia and Singapore.

Japan was the first country to introduce a legal framework for the cryptocurrency trade, creating a record in 2017. But with totally unregulated virtual currencies in some places, developing uniform international rules has been a challenge.

Representatives of the G-20 Finance Ministers and Central Bank Governors meeting in June decided to work on setting up licensing and registration systems for account operators. They also agreed to work together to strengthen surveillance and eliminate loopholes for illicit money transfers.

Binance Offers 25 Bitcoin For Any Information To Fight KYC Data Hack

Leading cryptocurrency exchange Binance is in trouble again. It was only a few weeks ago the exchange got hacked and lost over 40 million dollars and from the past few hours rumors been circulating suggesting the KYC data of users of the exchange has been compromised.


A channel in the popular social media communication app Telegram has been posting KYC pictures, with customer selfies and other data, claiming it is from the data they are withholding from Binance. The vigilant exchange took quick notice of this and later released a statement saying this is all false just to create some FUD. Adding that they have also received threats and harassment demanding 300 bitcoin in exchange for withholding more photos.

The statement released by the exchange also mentions that the team is investigating the issue, and has offered “up to 25 bitcoin” for any helpful information that is legally actionable to fight this. “Please remember that protecting our users’ privacy and keeping our systems secure, including the funds stored within, is our utmost priority. We have numerous measures in place to ensure the safe-keeping of our users’ information, and we will continue to maintain the highest degree of transparency while serving our community.” concludes the statement.

Even though the legitimacy of this leak is yet to be confirmed, online discussion groups and crypto communities are filled with messages from concerned users, especially those who have submitted their KYC data to the exchange.

North Korean Hackers Stole $2 Billion From Banks And Crypto Exchanges

North Korea spent $ 2 billion stolen from cryptocurrency and bank exchanges through hacker attacks to finance its weapons of mass destruction programs, states a recent report of the United Nations.

DPRK hackers with the help of attacks stole $ 2 billion from exchanges of cryptocurrencies and financial organizations. The funds were used to finance weapons of mass destruction programs. Every year, North Korean hackers use increasingly sophisticated methods to attack financial services, according to the United Nations (UN) report, writes Reuters.

Pyongyang continues to develop its nuclear and missile defense programs, although it has not carried out nuclear tests or intercontinental ballistic missile launches (ICBM), says the UN Security Council sanctions committee. Third-party experts participated in the preparation of the report.

According to the report’s authors, the DPRK “is using cyberspace to launch increasingly sophisticated attacks to steal funds from financial institutions and cryptocurrency exchanges to generate income.” In addition, through cryptocurrencies, North Korean authorities use hackers to launder stolen funds.

“Cyber ​​units of the Democratic People’s Republic of Korea, many of which are run by the Office of General Intelligence, are raising funds for weapons of mass destruction (ADM) programs, which are currently estimated at $ 2 billion in total “.

According to the report, there are “at least 35 registered cases in which the DPRK cyber units attacked financial institutions, crypto exchanges and mining farms to steal currencies.” Organizations in approximately 17 countries became victims.

The attacks by North Korean hackers in cryptocurrency exchanges allowed “to generate income in a way that is more difficult to track and are subject to less government supervision and regulation than the traditional banking sector.”

“We urge all responsible states to take measures to counter North Korea’s ability to perform malicious cyber activities that generate revenue and are used to finance its illegal programs to create ADM and ballistic missiles,” said a spokeswoman for the State Department of the United States when answering a question about a UN report.