30 January 2018

Keylogger found on thousands of WordPress based sites, stealing every keypress as you type


A new report from researchers at Sucuri reveals that websites are once again being found infected by cryptomining code – stealing the resources of visiting computers to mine for the Monero cryptocurrency.

Many web surfers almost certainly don’t realise that the reason that their laptop’s fan is running at full blast is because the website they are viewing is tied up with the complex number-crunching necessary to earn the digital currency.

But, in a twist, this particular attack isn’t just interested in mining Monero. While the website’s front-end is digging for cryptocurrencies, the back-end is secretly hosting a keylogger designed to steal unsuspecting users’ login credentials.

With the keylogger in place, any information entered on any of the affected websites’ web forms will be surreptitiously sent to the hackers. And yes, that includes the site’s login form.


No comments:

Post a Comment