The Fake Browser Update Scam Gets a Makeover

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
7,885
Reaction score
6,438
Credits
52,366
fakechromeupdate.png
 


The article doesn't mention Linux, so we're probably immune. They're likely only Windows versions, else it's safe to assume that they'd mention it.

As much as I love WordPress:

Nati Tal, head of security at Guardio Labs, said the malicious scripts stitched into hacked WordPress sites will create a new smart contract on the BSC Blockchain, starting with a unique, attacker-controlled blockchain address and a set of instructions that defines the contract’s functions and structure.

You really have to work to secure your WordPress installation. If you're good (and I have become good), you can automate all of that away. You can keep everything updated automatically. You can block attacks with a WAF. You can do file verification with the source files to monitor for changes.

You can do all sorts of these things to keep your WordPress instance secured.

But you still better verify it. You better make sure that it's doing what it's supposed to be doing. Otherwise, you're going to be hacked.

I've shared some numbers in the past to show how many attacks are thwarted by my Linux Tips site.

The number of attacks on my site probably number (as a total) somewhere in the mid-6 digit range. That's a whole lot of malicious traffic.

Sadly, many people do not do this. They don't know they should be doing this. Because WordPress is the software behind so many sites, attackers can target those exploits with reasonable success rates.
 

Members online


Latest posts

Top