Attackers have taken over thousands of websites running WordPress and are using them to infect unsuspecting visitors with potent malware exploits, according to security firm Sucuri.
The exploit began 15 days ago, but there have been a spike of compromised sites in the past two days, from about 1,000 per day on Tuesday to close to 6,000 on Thursday. The hijacked sites are being used to redirect visitors to a server hosting attack code made available through the Nuclear exploit kit, which is sold on the black market. The server tries a variety of different exploits depending on the operating system and available apps used by the visitor.
Read the entire post over at Sucuri, and reach out to us if you need help!