Malicious fake captchas served by infected websites

We have all gotten used to clicking captchas in order to prove we are’nt robots. A new attack seems to trick website users by displaying reCAPTCHA-like images in order to “verify you’re not a robot”. But these elements are not captchas – they are browser notification opt-ins.

Thousands of WordPress websites have been infected according to a blog post published by Sucuri. According to them, the tagDiv Newspaper theme and the Ultimate Member plugin are the contributing to the infections.

Sites on the same hosting account could continue to be cross-site infected unless all websites are properly cleaned and hardened according to the Sucuri blog post.

Sucuri recommends all webmasters utilizing tagDiv’s Newspaper theme or the Ultimate Member Plugin update to the new versions as soon as possible.

Malicious Captcha

Malicious Captcha

Written by
Bernhard has been working as a tech editor for 10 years, then became a communications specialist. In 2011, he founded his own agency Lots of Ways. He is blogging and working with WordPress since 2006.

Have your say!

1 0

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Lost Password

Please enter your username or email address. You will receive a link to create a new password via email.