PC World has reported that around 30,000 WordPress blogs have been infected by a cybercriminal gang to distribute fake antivirus software. These attacks have resulted in over 200,000 infected pages that redirect users to websites with fake antivirus scans.
Moreover, while more than 85% of the compromised sites are apparently located in the US, visitors to these websites come from all over the world, meaning Internet users globally are potentially at risk of infection.
According to one security expert, many of the compromised blogs were apparently running outdated WordPress versions or had vulnerable plug-ins installed. Weak administrative passwords that were susceptible to brute-force attacks were also cited as a culprit, as the attackers are apparently trying everything with these latest attacks.
Researchers say they have found a rogue WordPress plug-in called ToolsPack that has been installed on many of the infected blogs. And while this plug-in masquerades as a collection of WordPress administration tools, it actually contains a backdoor to allow the attackers unauthorized access to the infected sites.
Hence, experts are saying that WordPress blog owners and administrators should make sure that all of their plug-ins and WordPress software are up to date and protected by strong passwords.
Stephane is a web developer and system administrator with over 18 years of experience. Specialized in PHP programming and Linux server administration, he also provided development and consulting services to SMBs for several years before becoming an online entrepreneur.