From .tk Redirects to PushKa Browser Notification Scam
In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites.
This campaign leverages old vulnerabilities (patched a long time ago) found in a variety of outdated themes and plugins. However, it also adds new vulnerabilities as soon as they are disclosed—like the recent Social Warfare and Yuzo-Related-Posts issue, as well as some zero-days.
The attack is known to redirect infected site visitors to various traffic monetization schemes, such as fake tech support scams.