Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign

10-Apr-23

Since 2017, it’s been reported that over a million WordPress websites have been compromised by a campaign to spread malware known as Balada Injector. According to GoDaddy’s Sucuri, the extensive campaign “leverages all known and just recently discovered theme and plugin vulnerabilities” to compromise WordPress websites. Every few weeks, the attacks are known to occur in waves.

According to security expert Denis Sinegubko, “this campaign is easily identified by its preference for String.fromCharCode obfuscation, the use of recently registered domain names hosting malicious scripts on random subdomains, and by redirects to various scam sites.”

Read More…