Skip to main content
  1. Home
  2. Computing
  3. News

Hackers are using fake WordPress DDoS pages to launch malware

Add as a preferred source on Google

Hackers are pushing the distribution of dangerous malware via WordPress websites through bogus Cloudflare distributed denial of service (DDoS) protection pages, a new report has found.

As reported by PCMag and Bleeping Computer, websites based on the WordPress format are being hacked by threat actors, with NetSupport RAT and a password-stealing trojan (RaccoonStealer) being installed if victims fall for the trick.

A digital depiction of a laptop being hacked by a hacker.
Digital Trends

Cybersecurity firm Sucuri detailed how hackers are breaching WordPress sites that don’t have a strong security foundation in order to implement JavaScript payloads, which in turn showcase fake Cloudflare protection DDoS alerts.

Recommended Videos

Once someone visits one of these compromised sites, it will direct them to physically click a button in order to confirm the DDoS protection check. That action will lead to the download of a ‘security_install.iso’ file to one’s system.

From here, instructions ask the individual to open the infected file that is disguised as a program called DDOS GUARD, in addition to entering a code.

Another file, security_install.exe, is present as well — a Windows shortcut that executes a PowerShell command via the debug.txt file. Once the file is opened, NetSupport RAT, a popular remote access trojan, is loaded onto the system. The scripts that run once they have access to the PC will also install and launch the Raccoon Stealer password-stealing trojan.

Originally shut down in March 2022, Raccoon Stealer made a return in June with a range of updates. Once successfully opened on a victim’s system, Raccoon 2.0 will scan for passwords, cookies, auto-fill data, and credit card details that are stored and saved on web browsers. It can also steal files and take screenshots of the desktop.

As highlighted by Bleeping Computer, DDoS protection screens are starting to become the norm. Their purpose is to protect websites from malicious bots looking to disable their servers by flooding them with traffic. However, it seems hackers have now found a loophole to use such screens as a disguise to spread malware.

With this in mind, Sucuri advises WordPress admins to look at its theme files, which is where threat actors are concentrating their efforts. Furthermore, the security website stresses that ISO files won’t be involved with DDoS protection screens, so be sure to not download anything of the sort.

Hacking, malware, and ransomware activity have become increasingly common throughout 2022. For example, a hacking-as-a-service scheme offers the ability to steal user data for just $10. As ever, make sure you reinforce your passwords and enable two-factor authentication across all your devices and accounts.

Zak Islam
Former Contributor
Zak covers the latest news in the technology world, particularly the computing field. A fan of anything pertaining to tech…
Apple’s M6 chip isn’t even here yet, but you’ll see M7 Macs early in 2027
Apple is reportedly already accelerating its next-generation silicon roadmap, even before the M6 has launched.
Apple MacBook

The M6 chip is still expected to debut later this year, but Apple may already be preparing for what comes next. According to Mark Gurman's latest report for Bloomberg, the company is aiming to introduce its first M7-powered devices as early as the first half of 2027, hinting at a much faster silicon refresh than many expected.

M7 could arrive alongside new Macs and iPads

Read more
The entry-level MacBook Pro could get a design refresh in 2027, and it’s about time
Five years on the same chassis, and now both tiers of the MacBook Pro are getting a new look at once.
MacBook Pro in space grey sitting on a desk.

Apple has a new MacBook Pro lined up for launch early next year, according to Bloomberg. The company will introduce a 14-inch laptop in the first half of 2027. 

The biggest surprise, however, will be a brand-new design language. The outlet describes it as "a revamped entry-level MacBook Pro, code-named K104."

Read more
Study finds humans will talk to AI ghosts of the dead as reincarnations, and it’s pretty grim
The first AI ghost study is in. The results are about as complicated as you'd expect.
VR Headset, Person, Face

A new study from the University of Colorado Boulder confirms something that sounds both impressive and concerning. People find interacting with AI simulations of their dead loved ones deeply meaningful, and most will come away wanting to do it again.

The researchers call it a "generative ghost," which is a clear reference to generative AI, but I’d still prefer to call it unsettling.

Read more