Balada Injector A Large-Scale Malware Campaign Targeting WordPress
Balada Injector A Large-Scale Malware Campaign Targeting WordPress
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
In September 2023, over 17,000 WordPress websites fell victim to a malware called Balada Injector. The substantial surge in attacks is linked to the exploitation of a recently disclosed security vulnerability found in the tagDiv Composer plugin (CVE-2023-3169). This specific vulnerability allows unauthenticated users to execute stored cross-site scripting (XSS) attacks on vulnerable websites.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.