Hackers have been actively exploiting a lately patched vulnerability in some web sites that causes the websites to redirect to malicious websites or show deceptive popups, safety researchers warned on Wednesday.
Researchers from safety agency Zscaler’s ThreatLabZ say attackers are exploiting the vulnerability to trigger websites utilizing unpatched variations of WP Dwell Chat Assist to redirect to malicious websites or to show undesirable popups. Whereas the assaults aren’t widespread, there have been sufficient of them to lift concern.
“Cybercriminals actively search for new vulnerabilities in well-liked content material administration techniques comparable to WordPress and Drupal, in addition to well-liked plugins which might be discovered in lots of web sites,” Zscaler’s Prakhar Shrotriya wrote in a post. “An unpatched vulnerability in both the CMS or related plugins gives an entry level for attackers to compromise the web site by injecting malicious code and impacting the unsuspecting customers visiting these websites.”
Whois data present that the area was created on Might 16. That is at some point after the WP Dwell Chat Assist builders launched model 8.0.27, which mounted the vulnerability. Shrotriya printed a listing of 47 sites he stated had been hit by the exploit. Whereas some brought on malicious redirects, others did not and reported they had been utilizing patched variations of the plugin.