![]() Method 1: Fake Flash Player update campaign Overall, Zscaler has blocked nearly 40,000 of these attempts in the past three months.įigure 1: The number of hits on the various types of compromised CMS sites: WordPress (green), Joomla (gold), Drupal (blue), and other CMS sites (orange) The following figure depicts the hits on the various compromised sites. These sites use popular programs, such as WordPress, Joomla, Drupal, and others, and are being attacked as a result of vulnerabilities introduced by plugins, themes, and extensions, something we’ve discussed previously on this blog. The two malware campaigns we examine in this blog deliver a payload designed to steal sensitive information. ![]() These campaigns are designed to inject malicious redirector scripts into compromised content management system (CMS) sites. Recently, the Zscaler ThreatLabZ team came across two campaigns designed to trick users into downloading a Remote Access Trojan (RAT) via a fake Flash Player update and a font update.
0 Comments
Leave a Reply. |