compromised WordPress sites

TrendTechie
August 8, 2025
A new Trojan named Efimer has been identified, which can alter cryptocurrency wallet addresses in the clipboard, redirecting funds to cybercriminals. Efimer spreads primarily through compromised WordPress sites and phishing emails. Once installed, it can disable Windows Defender, install a Tor client, and capture seed phrases and wallet addresses. It targets Windows users globally, particularly those in Brazil, Russia, India, Spain, Germany, and Italy. The Trojan primarily targets wallets holding Bitcoin, Ethereum, Monero, Tron, and Solana, but may expand to other cryptocurrencies. To protect against Efimer, users are advised to use reliable security solutions, create strong passwords, enable two-factor authentication, avoid downloading files from unverified sources, and not store seed phrases in plain text.
AppWizard
March 28, 2025
PJobRAT is an Android Remote Access Trojan (RAT), previously known for attacking Indian military personnel in 2021, that re-emerged in 2023 with improved capabilities and a refined targeting strategy. It is now targeting users in Taiwan through social engineering tactics, disguising itself as legitimate dating and messaging apps. The malware is distributed via compromised WordPress sites hosting fake applications like “SaangalLite” and “CChat.” The infection footprint is small, indicating highly targeted attacks rather than widespread campaigns. PJobRAT retains its core functionality of exfiltrating sensitive information, including SMS messages, contacts, and media files, while enhancing command execution capabilities. Upon installation, the malicious apps request extensive permissions to operate continuously in the background. The malware uses a dual-channel communication infrastructure, with Firebase Cloud Messaging (FCM) as the primary command channel and a secondary HTTP-based channel for data exfiltration to a command-and-control server. The campaign appears to have concluded, but the evolution of PJobRAT highlights the ongoing threat of sophisticated mobile malware targeting high-value individuals.
AppWizard
May 1, 2024
A new Android backdoor malware named 'Wpeeper' has been discovered, utilizing compromised WordPress websites to relay instructions to and from its command and control servers. The malware was identified on April 18, 2024, and had already compromised thousands of devices. It has the capability to pilfer data through 13 distinct commands. The true intentions and operators of Wpeeper remain unknown, and the malware poses a threat of various malicious activities.