Evasive malware disguised as a caching plugin allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.



Source: DarkReading
Source Link: https://www.darkreading.com/endpoint/backdoor-lurks-behind-wordpress-caching-plugin-to-hijack-websites