Thousands of WordPress websites redirected unaware users to malicious domains

Compromised WordPress websites have been redirecting unaware internet users to malicious domains. The malicious domains which the unaware users are redirected to are hosting the ‘Nuclear Exploit Kit´. This Exploit Kit is capable of infected vulnerable devices which in order grants access to the cyber criminal behind the Nuclear Exploit Kit campaign on WordPress websites.

You can use the following Hashes to get more information about the binaries which are used:

  • FileHash-MD5 a33bd7f15f886aa1bb9ec3a7d48765c0
  • FileHash-MD5 c5d8570ec474f9d60927a695d56f24b2
  • FileHash-MD5 67fefb283d13612ac25158ec091c4ce4
  • FileHash-SHA256 264e4ada0f4dccad2566c7a65fd14331cc75d8004085c9f75a89dcabbc15d7a1
  • FileHash-MD5 aac02336420ccbfab665ff540f6ea64c
  • FileHash-SHA1 8d27daed2d11f0be4baa2fc9c5acb5b3e3ba2d16
  • FileHash-SHA1 4860e85ea05229954596190032d9d0e98a10a281
  • FileHash-SHA1 beb72b957c58ed3d4a6a6145452f4dc1aab538ff
  • FileHash-SHA1 079b6bef4ec194c26c2446979773662a2589c33c
  • FileHash-SHA256 1bb07d0a894f8993f00c3efa6b02b28e29e14cd4c624b034917147fffe0d01e9
  • FileHash-SHA256 65f4c3513058984576901221c97b4c884a1e1672591ccea455f49f84c7ef3960
  • FileHash-SHA256 8e1fa4954c53d4156370dec97c6d8f857db1017692a8e7ffbdededbcb930cfb3
Share this info: