Xjquery Wave of WordPress SocGholish Injections

In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish scripts into compromised WordPress sites. A bit later, we documented minor changes in the way this malware worked.

By the end of March, 2023, we started noticing a new wave of SocGholish injections that used the intermediary xjquery[.]com domain. It appeared to be another evolution of the same malware.

Continue reading Xjquery Wave of WordPress SocGholish Injections at .

Story added 9. May 2023, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

A Case for Recruiting and Retaining "Franchise Players" in Security Software Development
FTC sues Wyndham Hotels after three credit card breaches
Man beats machine at Go in human victory over AI
Microsoft postpones Windows anti-exploit tool’s retirement
How to Protect Your Social Media Accounts
GPT-4 Rumors From Silicon Valley
Hackers continue to target U.K. abortion provider
VoIP and wireless Service in Biobehavioral and Health Building
Resolved: PASS problem
Organizations Warned of Security Risk in Default Apache Superset Configurations

Xjquery Wave of WordPress SocGholish Injections

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts