Experts observed a new threat targeting WordPress install, the Sathurbot botnet attempts to bruteforce WordPress accounts. Once a WordPress website is compromised it is used to host fake movie and software torrents. When victims search for a movie or a software to download they will receive malicious links instead of torrents. The malware also uses black SEO technique to make malicious links available through the major search engines. Operators of the botnet are also interested in targeting websites running other CMSs such as Drupal, Joomla, PHP-NUKE, and DedeCMS frameworks.”]
Source: https://securityaffairs.co/wordpress/57828/malware/sathurbot-botnet.html