WordPress blog pages redirected to rogue site

Brian Krebs, in his “Krebs on Security” blog is reporting that a large number of WordPress blog pages have been hacked to redirected visitors to networkads.net that downloads rogue security applications onto their machines. Also, the owners of the blogs are locked out of access.

“It’s not clear yet whether the point of compromise is a WordPress vulnerability (users of the latest, patched version appear to be most affected), a malicious WordPress plugin, or if a common service provider may be the culprit. However, nearly every site owner affected so far reports that Network Solutions is their current Web hosting provider,” Krebs wrote.

He also said that a script that downloads from the networkads.net site attempts to install a malicious ActiveX browser plugin which runs in Internet Explorer.

A spokesperson for Network Solutions said an investigation is underway and the hack may be related to a malicious WordPress plugin.
Krebs blog Here.

Leave a Reply

Your email address will not be published. Required fields are marked *