Malwareware known as Gootloader is poisoning websites globally as part of an extensive drive-by and watering-hole cybercampaign that abuses WordPress sites by injecting them with hundreds of pages of fake content. The adversaries have so far delivered the Cobalt Strike intrusion tool, the Gootkit banking trojan or the REvil ransomware, according to a forensic analysis. Website admins should patch all plugins, WordPress itself and back-end servers as soon as possible, eSentire researchers say. The attackers’ end game is to infect business professionals, speaking English, German and Korean.
Source: https://threatpost.com/wordpress-injection-malware-campaign/164555/