Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign

Since 2017, it’s been reported that over a million WordPress websites have been compromised by a campaign to spread malware known as Balada Injector. According to GoDaddy’s Sucuri, the extensive campaign “leverages all known and just recently discovered theme and plugin vulnerabilities” to compromise WordPress websites. Every few weeks, the attacks are known to occur in waves.

According to security expert Denis Sinegubko, “this campaign is easily identified by its preference for String.fromCharCode obfuscation, the use of recently registered domain names hosting malicious scripts on random subdomains, and by redirects to various scam sites.”

Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign

10-Apr-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address