A new malware named BabaYaga discovered by Wordfense* infects WordPress websites and generates spam links. When the pages are clicked and the user buys a product, the malware creator receives a commission. Furthermore, this malware deletes competing malware to ensure that it stays functional. Alex Calic, Strategic Technology Partnerships Officer at The Media Trust commented below.
Alex Calic, Strategic Technology Partnerships Officer at The Media Trust:
“This malware is unique in the comprehensiveness of features that ensure effective and persistent infection. These features are typically used one at a time–rarely have we seen them combined together. While this malware might target WordPress sites, it will likely affect other sites that use PHP, such as those on Drupal and Joomla. The best offense against this malware is a strong defense. For website operators, that includes (1) continuous updates and patches, (2) closely watching the direct and indirect vendors that support and execute code within websites that run PHP script, and (3) scanning websites in real time to identify any unauthorized code executing within your digital ecosystem.”