March 27, 2023

[Information Security Daily]On October 21, 2022, WordPress released version 6.0.3 to patch 16 vulnerabilities, and the malware Ursnif required victims to enter a verification code to reduce vigilance

WordPress recently released version 6.0.3 with 16 bugs patched, but it’s worth noting that one of the bugs is the most likely to be exploited because attackers don’t need to authenticate to launch the attack. In order to reduce the vigilance of victims, hackers have also used the verification mechanism of real people and bots that some users often encounter in recent years, so that people mistakenly believe that the website that checks the identity is a legitimate website. For example, in the recent Ursnif malware attack, hackers placed malicious files on web pages that required the entry of CAPTCHA codes. Beware that online conversion services also become a conduit for hackers to spread malware! Some people set up a fake file format conversion service website. Although this website provides an upload function, if it does, the user is likely to install stealing software on the computer.

Ewen Eagle

I am the founder of Urbantechstory, a Technology based blog. where you find all kinds of trending technology, gaming news, and much more.

View all posts by Ewen Eagle →

Leave a Reply

Your email address will not be published.