14 DAY TRIAL // Armorize has been monitoring a mass infection of WordPress websites that has started around October 5 and still goes on as we speak.
A large number of WordPress sites have fallen victims to a mass attack that injected a malicious piece of code into their index pages. This could be a consequence of stolen or phished passwords or it may be the effect of automated script-injection tools.
As a result, many pieces of malware are downloaded onto the victim machine and it seems that so far only 5 out of 43 security solution vendors detected the malicious elements.
The attack seems to be originating from host located in the USA, Russia and India but they don't seem to be owned by the masterminds behind the hits as it seems that mostly, the dynamic DNS service provided by changeip.com is utilized.