Tuesday, August 6, 2013
New Trojan breaks Wordpress-blogs
With the help of the Trojan attackers can change the contents of the blogs or infect them with other malware that threaten future visitors. It is the spread of Trojan.WPCracker.1 may be linked celebrated by numerous experts in the present surge of large-scale attacks on websites.
Once on the infected computer, Trojan.WPCracker.1 creates a copy of one of the system folders and modifies registry branch Windows, responsible for the automatic application launch at system startup. The Trojan then connects with criminals, turning them on a remote server.
Attackers send the Trojan list of blogs and sites that are running the popular CMS, including Wordpress and Joomla, and starts the selection of passwords to them. If the procedure was completed successfully guessing the password, the Trojan sends the data to the attacker's server.
In the future, authors of the Trojan Trojan.WPCracker.1 use their monetization model - they are selling access to compromised websites to third parties (usually the other criminals) to give direct income.
How dangerous Trojan.WPCracker.1 for their victims? With it, criminals can completely change the content hacked blog or install other malicious programs out there, who will be a direct threat to future visitors. It is the spread of the malware can be connected celebrated by numerous experts in the present surge of large-scale attacks on Web sites by selecting passwords for the Administrator account.