Over 17000 Websites Compromised In Recent Balada Injector Campaigns

Multiple Balada Injector campaigns have infected over 17,000 WordPress sites using known premium theme plugin vulnerabilities.Discovered in December 2022 by Dr. Web, Balada Injector exploits these flaws to inject a Linux backdoor.This backdoor redirects visitors to fake tech support, lottery scams, and push notification fraud, suggesting it's linked to scams or sold as a service. In April 2023, Sucuri revealed Balada Injector's activity since 2017, estimating almost one million compromised WordPress sites.Read more...