Skip to main content

Hackers are using fake WordPress DDoS pages to launch malware

Hackers are pushing the distribution of dangerous malware via WordPress websites through bogus Cloudflare distributed denial of service (DDoS) protection pages, a new report has found.

As reported by PCMag and Bleeping Computer, websites based on the WordPress format are being hacked by threat actors, with NetSupport RAT and a password-stealing trojan (RaccoonStealer) being installed if victims fall for the trick.

A digital depiction of a laptop being hacked by a hacker.
Digital Trends

Cybersecurity firm Sucuri detailed how hackers are breaching WordPress sites that don’t have a strong security foundation in order to implement JavaScript payloads, which in turn showcase fake Cloudflare protection DDoS alerts.

Once someone visits one of these compromised sites, it will direct them to physically click a button in order to confirm the DDoS protection check. That action will lead to the download of a ‘security_install.iso’ file to one’s system.

From here, instructions ask the individual to open the infected file that is disguised as a program called DDOS GUARD, in addition to entering a code.

Another file, security_install.exe, is present as well — a Windows shortcut that executes a PowerShell command via the debug.txt file. Once the file is opened, NetSupport RAT, a popular remote access trojan, is loaded onto the system. The scripts that run once they have access to the PC will also install and launch the Raccoon Stealer password-stealing trojan.

Originally shut down in March 2022, Raccoon Stealer made a return in June with a range of updates. Once successfully opened on a victim’s system, Raccoon 2.0 will scan for passwords, cookies, auto-fill data, and credit card details that are stored and saved on web browsers. It can also steal files and take screenshots of the desktop.

As highlighted by Bleeping Computer, DDoS protection screens are starting to become the norm. Their purpose is to protect websites from malicious bots looking to disable their servers by flooding them with traffic. However, it seems hackers have now found a loophole to use such screens as a disguise to spread malware.

With this in mind, Sucuri advises WordPress admins to look at its theme files, which is where threat actors are concentrating their efforts. Furthermore, the security website stresses that ISO files won’t be involved with DDoS protection screens, so be sure to not download anything of the sort.

Hacking, malware, and ransomware activity have become increasingly common throughout 2022. For example, a hacking-as-a-service scheme offers the ability to steal user data for just $10. As ever, make sure you reinforce your passwords and enable two-factor authentication across all your devices and accounts.

Editors' Recommendations

Zak Islam
Former Digital Trends Contributor
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Best Buy laptop deals: Cheap laptops starting at $179
Apple M1 MacBook Air open on a desk with plants in the background.

Best Buy is a great outlet if you’re on the hunt for an affordable new laptop. This is true whether you’re looking for laptop deals in general or something more specific like gaming laptop deals, as the retail giant has a ton of laptop models to choose from and many are currently seeing a discount. Among the available Best Buy laptop deals are HP laptop deals, Dell laptop deals, Lenovo laptop deals, and even MacBook deals. With so many laptop deals to shop at Best Buy right now, we thought we’d round up the best of them. Below you’ll find all of the information you need to save on a new laptop at Best Buy, and if you aren’t finding what you’re looking for here you can also find some laptop deals among the current Amazon deals and Walmart deals.
Acer Chromebook 315 — $179, was $199

The Acer Chromebook 315 is one of the larger Chromebooks you’ll find, as its display comes in at an impressive 15.6 inches. This makes it a great option for people who want some extra screen real estate, but who still like to do their work on the go. The Acer Chromebook 315 has plenty of power for a Chromebook, and is made as much for comfort as functionality. Its slightly larger size will come in handy when doing creative work and an integrated numeric keyboard gives it the feel of working on a desktop. The Acer Chromebook 315 is able to reach up to 10 hours of battery life on a single charge, meaning you can work on the go all day without needing to take a charger with you.

Read more
Best Lenovo laptop deals: Save on Yoga and ThinkPad laptops
Lenovo Yoga 9i Gen 8 front angled view showing display and keyboard deck.

The best laptop deals often include models from some of the best laptop brands, which is company you’ll often find Lenovo keeping. Lenovo makes several laptop models that range in categories from budget to professional, and despite its clout Lenovo is regularly offering significant discounts on its laptops. That’s certainly the case right now, as the current Lenovo laptop deals may make you think twice about anything you’ve found among the best Dell laptop deals, best HP laptop deals, and best MacBook deals. We’ve tracked down all of the best Lenovo laptop deals you can show right now. They include models like the IdeaPad, the Legion, and the Yoga, as well as some impressive Lenovo ThinkPad deals. So read onward to shop the best Lenovo laptop deals going on right now and don’t hesitate to make a purchase if you see something you like.
Lenovo IdeaPad 1 — $200, was $250

The Lenovo IdeaPad 1 is a great alternative to the best budget laptops. It’s hard to beat this price tag when it comes to a Lenovo laptop, and even at this price point, the IdeaPad 1 doesn’t hold back on features. It has 14-inch HD display that’s great for binge watching on, and it’s about as portable as most laptops get, coming in at just over three pounds and not much more than half an inch thick. You’re able to connect an HD monitor to this laptop via HDMI connection, and a built-in webcam with privacy shutter and dual array microphone makes it a great way to keep in touch with family, friends, and colleagues.

Read more
How Apple plans to save the Vision Pro
A person wearing an Apple Vision Pro headset.

It’s no secret that Apple’s Vision Pro headset is the best advanced headset on the market, with powerful specs and an immersive experience that no rival can truly match. It’s also no secret that Apple has struggled to sell its device, given its $3,499 price tag puts it way out of reach of most consumers. Apple reportedly has a plan to turn things around, though -- yet it might not involve a Vision Pro headset at all.

According to the latest Power On newsletter from Bloomberg reporter Mark Gurman, Apple plans to launch a cheaper Vision Pro in late 2025 at the earliest, followed by a second-generation mainstream Vision Pro around late 2026. After that is a set of much-discussed augmented reality (AR) glasses, although Gurman believes these are still many years away.

Read more