Malicious Redirect Campaign Attacks WordPress Websites, Redirecting Visitors To Harmful Sites

Be careful with your WordPress websites and make sure to keep everything updated. Reports from various media platforms point to a malicious redirect campaign that’s targeting WordPress websites by exploiting vulnerabilities in some plugins. These attacks are redirecting visitors to several harmful websites.

Here’s a list of plugins where potential vulnerabilities have been found:

https://wordpress.org/ plugins/nd-shortcodes/
https://wordpress.org/ plugins/nd-donations/
https://wordpress.org/ plugins/nd-travel/
https://wordpress.org/ plugins/nd-booking/
https://wordpress.org/ plugins/nd-learning/
https://wordpress.org/ plugins/simple-301-redirects-addon-bulk-uploader/
https://wordpress.org/ plugins/woo-confirmation-email/
https://wordpress.org/ plugins/yellow-pencil-visual-theme-customizer/
https://wordpress.org/ plugins/responsive-coming-soon/
https://wordpress.org/ plugins/blog-designer/

If you are using any of these plugins in your wodpress installations, reach out to the plugin support to fix it or disable it till you make sure it’s safe to use.

Also, make sure you have a reliable WordPress Security Plugin installed on your website.

Data source: https://www.wordfence.com/blog/2019/08/malicious-wordpress-redirect-campaign-attacking-several-plugins/

A New Computer Virus Is Spreading That Records People While Watching Porn

Reports from various tech analysts indicate that a new computer virus called Varenyky is spreading quickly, a malware that records people while watching pornography. The group behind the virus then asks for a payment in exchange for not sharing the stolen images.

Regardless of how powerful people think their antivirus programs are, people are never completely safe on the Internet. The rapid development of technology facilitates the search for a backdoor to steal your information. ESET, the cybersecurity company, has discovered a new “malware” that allows users to take screenshots while watching pornography. The virus, called Varenyky, can take screenshots of the smartphone from those who enter a page offering such content.

It was discovered in May, although its distribution was unknown. From the cybersecurity firm, they point out that this has an impact in France. “Malware” infiltrates the devices through an antispam bot (spam) which, according to the company, has evolved only to avoid being removed from infected terminals.

The mail is presented in the form of an invoice, written in French, in which a payment of 491 euros is requested. Once the recipient has interacted with the document contained in the document, a message appears indicating that it is protected by Microsoft Word. It therefore requires human verification. After opening the device is infected.

“To infect victims’ devices, cybercriminals use spam with an illicit attachment in the form of a fake invoice. To open a file, it is necessary to pass a system check to confirm that it is not a robot. then the spyware executes the dangerous component, “they stress since ESET.

Once installed, Varenyky can steal passwords and access the victim’s email accounts. Then, the device starts recording each time the user enters a web page of adult content and sends the records to his or her contacts. ESET has already recorded a case of sextorsion involving a victim of French origin. A group of hackers contacted the user asking for a payment of 750 euros in bitcoins in exchange for not sharing the recordings in which, apparently, this seems to consume pornography. At the same time, cybercriminals have threatened to share this content with all of the victim’s cultures.

As ESET pointed out, Varenyky can only record on the screen of the infected device, not on the camera. The cybersecurity firm says, in turn, that at present no stolen content with the use of Varenyky has been released.