Watch out! Hackers are exploiting WordPress sites to spread malware

Researchers from IT security company Zscaler have reported that hackers have been exploiting vulnerabilities in websites built on popular content management systems.

They have been leveraging issues with the themes, extensions, and plugins used in Joomla and WordPress, two of the most used CMS systems, to hide and distribute malware, and sometimes even phishing pages, through a hidden HTTP directory.

While assessing the infected websites, the researchers noted that hackers had used different techniques to gain access to the hidden directory, which is commonly used for verifying the ownership of a domain.

As this page stays hidden from the administrators of the website, the malicious content stays on the website for long, thereby affecting more number of users, they said.

So far, the researchers have discovered over 500 websites that have been compromised using the CMS vulnerabilities and the hidden directory.

They have discovered a range of malicious programs being distributed through the websites, including the critical Shade, aka Troldesh, ransomware.

Notably, it affected the most number of infected WordPress and Joomla websites.

Zscaler indicated that the outdated themes or server-side software might be the reason for the attack on WordPress sites (built using version 4.8.9 to 5.1.1).

The security company is in the process of informing the infected websites' owners about the issue.

However, so far, there is no word on the exact loophole or on the bad actors behind these attacks.