
🚨 Hackers Exploit WordPress Sites to Spread Infostealing Malware on Windows & Mac

Hackers are targeting outdated WordPress sites to distribute malware on Windows & Mac, stealing passwords and sensitive data. Stay protected!

⚠️ WordPress Websites Under Attack: Malware Campaign in Full Swing

🔴 Cybersecurity experts warn that thousands of WordPress websites have been compromised in a massive hacking campaign, tricking users into installing password-stealing malware on Windows and macOS devices.

🚨 The attack relies on outdated WordPress versions and vulnerable plugins, affecting some of the most-visited sites on the internet.

🔎 Key Takeaways:
✅ Hackers display fake Chrome update pages to lure victims.
✅ Malware variants include Amos (macOS) & SocGholish (Windows).
✅ Over 10,000 hacked WordPress sites involved in the campaign.
✅ Sensitive data stolen: passwords, session cookies, crypto wallets, and more.

📢 Security firm c/side CEO Simon Wijckmans confirmed that the hacking campaign is active and widespread.


🛑 How Does the Attack Work?

🔍 Researchers discovered that infected WordPress sites automatically redirect visitors to a fraudulent Chrome update page.

1️⃣ User visits a hacked WordPress site.
2️⃣ The site instantly loads a fake Chrome update prompt.
3️⃣ Clicking “Update” downloads malicious software tailored for either Windows or macOS.
4️⃣ The malware steals credentials, session cookies, crypto wallets, and sensitive data.

💻 Windows Users: SocGholish malware infects systems.
🍏 Mac Users: Amos (Atomic Stealer) malware steals data.


🔎 Amos & SocGholish: What You Need to Know

Amos (Atomic Stealer) – macOS Malware

🚨 Discovered by SentinelOne in 2023, Amos is a powerful password-stealing malware:
✔ Targets macOS users.
✔ Extracts login credentials, cookies, & crypto wallets.
✔ Distributed via Telegram as malware-as-a-service (MaaS).

🔊 Cybersecurity expert Patrick Wardle warns that Amos is the most prolific Mac infostealer but requires manual installation by the user.

SocGholish – Windows Malware

💀 Windows users face SocGholish, a malware that:
✔ Deploys fake software updates.
✔ Compromises corporate networks.
✔ Installs remote access trojans (RATs).

🕵️‍♂️ Hackers use this stolen data for large-scale credential theft & financial fraud.


🚀 How to Stay Safe & Protect Your Devices

🔐 Cybersecurity Best Practices:
✅ Update WordPress & plugins to the latest versions.
✅ Only install software from official sources (Google Chrome, Apple App Store, Microsoft Store).
✅ Enable two-factor authentication (2FA) on all accounts.
✅ Use a trusted antivirus solution & enable real-time protection.
✅ Scan websites before clicking links (use tools like Google Safe Browsing).

🚀 Pro Tip: Always update Google Chrome via its built-in update feature, NOT from pop-ups or website prompts!
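
A defender-side check for the lure described in this article, as an added example that is not from the original article or from c/side: it flags fetched HTML that shows Chrome-update wording on a non-Google host together with a link to an installer file. The regexes, the verdict names and the sample pages are constructed assumptions, not indicators from this campaign.

```javascript
// Added example: heuristic audit of a page's HTML for a fake "Chrome update" lure.
// All patterns and sample pages are constructed assumptions, not campaign IoCs.
const INSTALLER_EXT = /\.(exe|msi|dmg|pkg|zip)$/i;   // Windows and macOS installer types
const UPDATE_TEXT =
  /\b(update|upgrade)\b.{0,40}\bchrome\b|\bchrome\b.{0,40}\b(update|out of date|outdated)\b/i;
const GOOGLE_HOSTS = /(^|\.)google\.com$/i;          // assumed legitimate Chrome download origin

// Reduce HTML to visible text: drop script/style bodies, then tags, then extra whitespace.
function stripTags(html) {
  return html.replace(/<script[\s\S]*?<\/script>|<style[\s\S]*?<\/style>/gi, " ")
             .replace(/<[^>]+>/g, " ")
             .replace(/\s+/g, " ");
}

function auditPage(pageUrl, html) {
  const host = new URL(pageUrl).hostname;
  const findings = [];
  // Signal 1: the page talks about updating Chrome but is not served by Google.
  if (!GOOGLE_HOSTS.test(host) && UPDATE_TEXT.test(stripTags(html))) {
    findings.push("chrome-update-text");
  }
  // Signal 2: any anchor that resolves to an installer file.
  for (const m of html.matchAll(/<a\b[^>]*\bhref\s*=\s*["']([^"']+)["']/gi)) {
    let target;
    try { target = new URL(m[1], pageUrl); } catch { continue; } // skip unparsable hrefs
    if (INSTALLER_EXT.test(target.pathname)) {
      findings.push(`installer-link:${target.hostname}${target.pathname}`);
    }
  }
  // Both signals together match the lure; one alone (e.g. a how-to article) only needs review.
  const lure = findings.includes("chrome-update-text") &&
               findings.some((f) => f.startsWith("installer-link:"));
  const verdict = lure ? "likely-fake-update-lure" : findings.length ? "review" : "clean";
  return { host, findings, verdict };
}

// Constructed sample pages (example.* hosts are placeholders).
const LURE_HTML = `<div class="overlay"><h1>Your Chrome is out of date</h1>
  <a href="https://cdn.example.net/ChromeSetup.exe">Update</a></div>`;
const HOWTO_HTML = `<p>To update Chrome, open chrome://settings/help.</p>`;
const CLEAN_HTML = `<p>Hello</p><a href="/about">About</a>`;

for (const [url, html] of [["https://blog.example.org/post", LURE_HTML],
                           ["https://blog.example.org/howto", HOWTO_HTML],
                           ["https://blog.example.org/", CLEAN_HTML]]) {
  console.log(url, JSON.stringify(auditPage(url, html)));
}
```

Site owners can run a check like this against the HTML their own pages serve to visitors; a "review" verdict on an article that merely mentions updating Chrome is an expected false positive.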


📢 Final Thoughts: A Growing Cybersecurity Threat

Cybercriminals are constantly evolving their tactics to exploit vulnerabilities in popular platforms like WordPress. If your website runs on WordPress, it’s critical to update it regularly to avoid becoming an entry point for hackers.

⚠️ If you see a pop-up asking you to update Chrome—DON’T CLICK IT! Instead, navigate to chrome://settings/help in your browser and update it manually.

🛡 Stay safe, stay updated, and share this article to spread awareness! 💻🚀
