If you’ve visited a website in recent days and been randomly redirected to the same pages with sketchy “resources” or unwanted ads, it’s likely the site in question was 1) built with WordPress tools and 2) hacked.
Researchers at Sucuri, a security provider owned by GoDaddy, revealed on Wednesday that the hackers behind a months-long campaign to inject malicious scripts into WordPress themes and plugins with known security holes were at work yet again.
It’s important to note that these hacks involve themes and plugins built by thousands of third-party developers on the open-source WordPress software, not WordPress.com, which offers hosting and tools to build websites. Automattic, WordPress.com’s parent company, is a major contributor to the software but does not own it.
According to Sucuri, there are 322 WordPress sites with plugins and themes that have been affected by this new exploit, although the “actual number of impacted websites is likely much higher.”
In April alone, hackers used this tactic to infect nearly 6,000 sites, Sucuri malware analyst Krasimir Konov stated.
“This page tricks unsuspecting users into subscribing to push notifications from the malicious site. If they click on the fake CAPTCHA, they’ll be opted in to receive…