"Evasive Sign1 Malware Campaign Infects 39,000 WordPress Sites"

The website security company Sucuri discovered a malware campaign dubbed "Sign1" that has infected more than 39,000 WordPress websites in the last six months, causing visitors to get unwanted redirects and popup ads. Instead of modifying the WordPress files, the threat actors inject the malware into custom HTML widgets and legitimate plugins on WordPress websites to insert the malicious Sign1 scripts. Sucuri researchers discovered the campaign when a client's website randomly displayed popup ads to visitors. This article continues to discuss findings regarding the Sign1 malware campaign.

Bleeping Computer reports "Evasive Sign1 Malware Campaign Infects 39,000 WordPress Sites"

Submitted by grigby1

Submitted by Gregory Rigby on