Over 10,000 WordPress Sites Compromised, Distributing Windows and Mac Malware

A significant malware campaign is exploiting outdated WordPress versions and plugins, compromising over 10,000 websites and tricking visitors into downloading malicious software. Security firm c/side reports that hackers redirect users to fake Google Chrome update pages, where they are prompted to install malware disguised as updates. The malware strains involved, SocGholish for Windows and AMOS for macOS, target sensitive user information, including passwords and crypto wallets. This widespread attack affects some of the most popular websites on the internet and employs a 'spray and pray' strategy, targeting anyone visiting compromised sites. C/side has alerted Automattic, the company behind WordPress, and provided a list of affected domains. The attack utilizes sophisticated techniques to evade detection, including obfuscated JavaScript and dynamically injected iframes.