The Business of Manufacturing Podcast

A large-scale malware campaign has compromised thousands of WordPress sites by using deceptive plugins to deliver malicious scripts disguised as software updates and error messages. The attackers, identified as ClearFake and ClickFix, have targeted over 6,000 websites, exploiting stolen login credentials to install fake plugins. These plugins inject malicious JavaScript, triggering fake browser update prompts that trick users into downloading malware. The malware, delivered using blockchain-based EtherHiding technology, often installs remote access trojans and data-stealing software like Vidar Stealer and Lumma Stealer.