A fraudulent application program interface (API) domain, called WordPrssAPI, was attempting to steal active cookies to impersonate users. The malicious site is now offline and there are no reports of major damage. Cybercriminals used a pattern for tightly packing code to make it more difficult to notice. Its really up to web admins to be extra careful in auditing code to ensure they identify illegitimate sites, researchers say. The malware in question gathers cookies and sends it back to the fake domain immediately.”]
Source: https://securityintelligence.com/news/phony-wordpress-domain-steals-cookies-to-fool-web-admins/