via wptavern.com => original post link
Security researchers at Doctor Web, a security company focused on threat detection and prevention, have discovered a malicious Linux program that targets WordPress sites running outdated and vulnerable plugins and themes.
The malware targets 32-bit versions of Linux, but it is also capable of running on 64-bit versions. It exploits 30 theme and plugin vulnerabilities to inject malicious JavaScript into websites, redirecting visitors to the attacker’s selected website.
The report states that Doctor Webs’ analysis of the application revealed that “it could be the malicious tool that cybercriminals have been using for more than three years to carry out such attacks and monetize the resale of traffic, or arbitrage.” During this time, the tool has been updated to target more exploitable vulnerabilities.