Fake Plugins with Popuplink.js Redirect to Scam Sites

Fake Plugins with Popuplink.js Redirect to Scam Sites

Since July, we’ve been observing a massive WordPress infection that is responsible for unwanted redirects to scam and ad sites. This infection involves the tiny.cc URL shortener, a fake plugin that has been called either “index” or “wp_update”, and a malicious popuplink.js file.

Infected pages typically have these two scripts in the <head> section of the page.

<script type=’text/javascript’ src=’hxxps://<hacked-site>/wp-content/plugins/index/popuplink.js?ver=4.9.7′></script>

Continue reading Fake Plugins with Popuplink.js Redirect to Scam Sites at Sucuri Blog.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Call Now ButtonTap To Call