Breaking News: Reader’s Digest and other WordPress sites are compromised

A large number of Internet users have been infected via the Angler exploit kit, after visiting compromised sites in the past week. The hacking campaign has been pushed from many WordPress sites, most notably that of Reader’s Digest — the popular, monthly family magazine.

According to security blog, Malwarebytes, the attack consists of compromised WordPress sites injected with malicious script that launches another URL whose final purpose is to load the Angler exploit kit. Owners of attacked WordPress sites should remember that although the injected scripts and URL’s follow the same pattern, they vary over time.

In the initial investigation by Malwarebyte, it was found that the Necurs backdoor trojan is loaded on the computer of visitors to the infected sites, delivered by the Bedep trojan via the uploaded Angler Exploiter Kit. If you have visited Reader’s Digest or any other compromised site, run a security scan on your computer.

But if you are one of the infected sites, then don’t hesitate in contacting us. It is our specialty to clean up all malware and hacker attacks on WordPress sites. We have a highly experienced team who have seen all kinds of viruses and malware, and effectively dealt with them.

In an email to SCMagazine on Tuesday, Reader’s Digest spokesperson Pauli Cohen said, “We became aware of the malware attack last week and have been working with our security provider, technology partners and platform provider to investigate the issue and perform extensive security checks on our website. At this point, we are addressing all known vulnerabilities of the site. We take security very seriously and are taking every step to ensure the integrity of our site.”

Although it is our specialty to help restore security to hacked WordPress sites, we believe it is always important to guard yourself against an attack in the first place. Getting your site back up and running is no problem for us. However once you’ve realized that your site has been hacked, then give us a call at +1 (650) 600‑1970 as soon as possible to mitigate the damage.