Malicious actors have exploited security flaws in the WordPress Content Management System to launch a major malvertising campaign. Israeli cybersecurity firm Check Point was first to identify this operation and suggests that it could be responsible for as many as 40,000 attempted infections each week.
According to Check Point, the attackers are exploiting well-known vulnerabilities in WordPress CMS version 4.7.1. They are inserting malicious advertising that hijacks unsuspecting visitors before redirecting them towards purveyors of malware, ransomware or banking trojans. The hackers, dubbed Master 134, take payment from selling their victims to these nefarious third parties.
There is speculation that some digital advertising companies may be complicit in this operation.