Cloud security startup Wiz issues a warning regarding a broad redirection campaign in which authentic FTP credentials were used to attack hundreds of websites aimed at East Asian audiences. In many instances, the attackers were successful in obtaining highly secure auto-generated FTP credentials, which they then utilised to hijack the victim websites and reroute users to adult-themed content.
The effort, which has probably been going on since September 2022, has compromised at least 10,000 websites, some of which are run by big enterprises and others of which are controlled by tiny businesses. According to Wiz, it is challenging to identify a common entry point because to variations in hosting providers and tech stacks.