Attackers Abuse Poorly Regulated Top-Level Domains in Ongoing Redirect Campaign
One of the more common infections that we see are site-wide redirects to spam and scam sites, achieved by attackers exploiting newly found vulnerabilities in popular WordPress plugins. If you’ve ever been redirected to a page that looks something like this, then you’ve fallen victim to such an attack:
Once the user clicks through the verification process they are sent to a fake CAPTCHA page asking the user to click to prove they are a human:
As we have reported in the past on this type of infection:
The goal is to trick visitors into clicking “Allow” when the site asks to subscribe to push notifications.