Analysis of a Malicious WordPress Plugin: The Covert Redirector
A few weeks ago, we received a support request from a website owner who was experiencing unexpected redirects. Visitors landed on the website normally, but after about 4–5 seconds, the site redirected them to unrelated and suspicious websites. During the investigation, we discovered a malicious plugin that was responsible for this behavior, continuing the trend of attackers using fake WordPress plugins.
So far, we have seen at least 26 websites infected with the same malicious plugin, and it appears to be spreading through pirated or compromised installations.
Continue reading Analysis of a Malicious WordPress Plugin: The Covert Redirector at Sucuri Blog.
Read more: Analysis of a Malicious WordPress Plugin: The Covert Redirector
Story added 18. June 2025, content source with full text you can find at link above.