Blog | G5 Cyber Security

Spam Injector Disguised as License Key in WordPress Website

A client opened a malware removal ticket reporting some weird spam URLs injected onto their WordPress website. After further investigation into the files in the website, Sucuri discovered a hidden encoded spam injector malware in the following theme file:. The attacker formatted the encoded injector to look like a themes license key in order to distract the eyes of a less-trained security analyst from suspecting this to be malicious code. The attacker also hardly used any encoding to ensure it was well hidden.”]

Source: https://blog.sucuri.net/2019/01/spam-injector-disguised-as-license-key-in-wordpress.html

Exit mobile version