From Web3 Drainer to Distributed WordPress Brute Force Attack
Two weeks ago we discussed a new development in website hacks: Web3 crypto wallet drainers. We’ve been closely following the most significant variant which injects drainers using the external cachingjs/turboturbo.js script. Our SiteCheck website scanner has already detected this version on over 1,200 sites since the beginning of February, 2024.
Since our last post, this malware campaign has seen two new iterations resulting in distributed brute force attacks against target WordPress websites from the browsers of completely innocent and unsuspecting site visitors.
Continue reading From Web3 Drainer to Distributed WordPress Brute Force Attack at Sucuri Blog.
Read more: From Web3 Drainer to Distributed WordPress Brute Force Attack
Story added 5. March 2024, content source with full text you can find at link above.