In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites.
This campaign leverages old vulnerabilities (patched a long time ago) found in a variety of outdated themes and plugins. However, it also adds new vulnerabilities as soon as they are disclosed—like the recent Social Warfare and Yuzo-Related-Posts issue, as well as some zero-days.
The attack is known to redirect infected site visitors to various traffic monetization schemes, such as fake tech support scams.
Continue reading From .tk Redirects to PushKa Browser Notification Scam at Sucuri Blog.