Earlier this year we discussed how Gizmodo’s Brazilian site was compromised and used to spread online banking malware to approximately 7,000 victims in a two-hour span. The site was compromised via WordPress plugin vulnerabilities that allowed the attacker to add a script that redirected users to a second compromised site, which eventually led users to download the malware….
Read MoreRecently, I learnt that attackers compromised Gizmodo’s Brazilian regional site. The attackers were able to modify the Gizmodo main page to add a script which redirected them to another compromised website. This second compromised site was hosted in Sweden, and used a .se domain name. The attackers also uploaded a web shell onto this site (the site…
Read More