{"id":180517,"date":"2024-01-15T03:23:11","date_gmt":"2024-01-15T09:23:11","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2024\/01\/balada-injector-infects-over-7100-wordpress-sites-using-plugin-vulnerability"},"modified":"2024-01-15T03:23:11","modified_gmt":"2024-01-15T09:23:11","slug":"balada-injector-infects-over-7100-wordpress-sites-using-plugin-vulnerability","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2024\/01\/balada-injector-infects-over-7100-wordpress-sites-using-plugin-vulnerability","title":{"rendered":"Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability"},"content":{"rendered":"

<\/a><\/p>\n

\u26a0\ufe0f Over 7,100 WordPress sites have been hit by the \u2018Balada Injector\u2019 malware, which exploits sites using a vulnerable version of the Popup Builder plugin. Read More \u27a1\ufe0f https:\/\/thehackernews.com\/2024\/01\/balada-injector-infects-over-7100.htm<\/a><\/p>\n

\n

Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector<\/strong>.<\/p>\n

First documented<\/a> by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizing security flaws WordPress plugins to inject backdoor designed to redirect visitors of infected sites to bogus tech support pages, fraudulent lottery wins, and push notification scams.<\/p>\n

Subsequent findings<\/a> unearthed by Sucuri have revealed the massive scale of the operation<\/a>, which is said to have been active since 2017 and infiltrated no less than 1 million sites since then.<\/p>\n","protected":false},"excerpt":{"rendered":"

\u26a0\ufe0f Over 7,100 WordPress sites have been hit by the \u2018Balada Injector\u2019 malware, which exploits sites using a vulnerable version of the Popup Builder plugin. Read More \u27a1\ufe0f https:\/\/thehackernews.com\/2024\/01\/balada-injector-infects-over-7100.htm Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor [\u2026]<\/p>\n","protected":false},"author":662,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,34],"tags":[],"class_list":["post-180517","post","type-post","status-publish","format-standard","hentry","category-biotech-medical","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/180517","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/662"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=180517"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/180517\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=180517"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=180517"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=180517"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}