WordPress sites being hacked with fake Cloudflare DDoS to distribute malware

On Saturday, WordPress sites are being hacked for displaying fake Cloudflare DDoS protection pages to circulate malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan.

DDoS protection screens are commonplace on the internet, that protects sites from bots, pinging them with bogus requests which aim to overwhelm them with garbage traffic.

Internet users treat these welcome screens as an unavoidable short-term annoyance that keeps their favorite online resources protected from malicious operatives. Unfortunately, this familiarity serves as an excellent opportunity for malware campaigns, Bleeping Computer reports.

According to the reports by Sucuri, hackers are attacking poorly protected WordPress sites to add a heavily obscure JavaScript payload, displaying a fake Cloudflare protection DDoS screen.

In June 2022, Raccoon Stealer returned to operations when its authors released its second major version and made it available to cybercriminals under a subscription model.

Raccoon 2.0 targets passwords, cookies, auto-fill data, and credit cards saved on web browsers, a wide range of cryptocurrency wallets, and it also has the potential of performing file exfiltration and taking screenshots of the victim’s desktop.


Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More


This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More