April 8, 2024 at 02:26PM Hackers compromised over 2,000 WordPress sites, injecting them with malicious scripts to display fake NFT and discount pop-ups. These pop-ups prompt visitors to connect their wallets to crypto drainers, ultimately stealing funds and NFTs. The attackers seek to monetize a large pool of hacked sites and have begun promoting these … Read more
March 7, 2024 at 09:21AM Threat actors are launching distributed brute-force attacks on WordPress sites through malicious JavaScript injections, causing unauthorized access to target sites. This shift from crypto drainers to brute-force attacks may be driven by profit motives, as compromised sites can be monetized in various ways. Prior attacks have exploited vulnerabilities in WordPress … Read more
January 6, 2024 at 11:46AM Cybercriminals are exploiting X ads to promote crypto scams including fake airdrops and drainer sites, targeting those interested in cryptocurrencies. X’s advertising algorithm matches users’ interests, resulting in an increasing volume of malicious ads. Despite warnings and skepticism over X’s ad vetting, it’s reported that malicious ads have significantly grown, … Read more