Trackstatisticsss.com is a website that has been linked to mass hacking campaigns targeting WordPress websites. The targeted sites had one trait in common: they ran outdated add-ons that were vulnerable to exploitation. Malware experts first spotted the attacks in question in April 2020. It quickly became evident that the attackers were successfully compromising more WordPress sites every day. According to cybersecurity researchers, the attackers have likely breached tens of thousands of websites already. According to the researchers' estimates, there may be several million websites that are currently vulnerable and can be exploited by the attackers.
The add-ons that are vulnerable to these attacks include:
- Blog Designer.
- Total Donation.
- WP GDPR Compliance.
It is important to note that the attackers are able to exploit only outdated versions of the listed add-ons. If you have updated your add-ons to their latest versions, you do not need to worry about your website being breached. If you are the administrator of a website, it is crucial to always apply the latest updates to your themes and plugins to minimize the chances of your site being breached.

The attackers carry out the attack in one of two ways: by taking advantage of a vulnerability in an add-on that allows them to alter the settings of the site, or by hijacking the session of a WordPress administrator via an XSS vulnerability. The corrupted script then behaves differently depending on who loads the page:
- If the targets are not logged into their administrator profile, the script will direct them to a URL that hosts corrupted advertisements.
- If the targets are logged into their administrator profile, the corrupted script will try to hijack the active session to plant a PHP backdoor in the WordPress theme of the site.
If you are a WordPress administrator, update all the plugins and themes on your website regularly. Avoid downloading pirated themes and other illicit content, as these are often used as an infection vector.
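As an added example (not part of the original article), the following Python sketch shows one way an administrator could check a site copy for the two conditions described above: files that reference the Trackstatisticsss.com domain, and installed plugins whose "Plugin Name" header matches one of the add-ons listed. It assumes a standard `wp-content` layout and the usual WordPress plugin header comment; the sample tree it builds is constructed, and a plain substring match will not catch an obfuscated injection.

```python
import re
import tempfile
from pathlib import Path

IOC_DOMAIN = "trackstatisticsss.com"  # domain named in the article
# Plugin names as listed in the article, matched against the "Plugin Name" header.
NAMED_PLUGINS = ("blog designer", "total donation", "wp gdpr compliance")
HEADER_RE = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t]*$", re.I | re.M)
SCAN_EXT = {".php", ".js", ".html", ".htm", ".sql"}

def find_domain_references(root):
    """Return sorted (relative path, line number) pairs that mention the domain."""
    hits = []
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in SCAN_EXT:
            text = path.read_text(encoding="utf-8", errors="replace")
            for lineno, line in enumerate(text.splitlines(), 1):
                if IOC_DOMAIN in line.lower():
                    hits.append((path.relative_to(root).as_posix(), lineno))
    return sorted(hits)

def named_plugins_installed(plugins_dir):
    """Return {plugin name: installed version} for plugins the article names."""
    found = {}
    for path in Path(plugins_dir).rglob("*.php"):
        # WordPress reads plugin headers from the first 8 KB of the file.
        head = path.read_text(encoding="utf-8", errors="replace")[:8192]
        header = {k.lower(): v for k, v in HEADER_RE.findall(head)}
        name = header.get("plugin name", "")
        if name.lower().startswith(NAMED_PLUGINS):
            found[name] = header.get("version", "unknown")
    return found

def build_sample_site():
    """Constructed wp-content tree for the demo; every file and value is made up."""
    root = Path(tempfile.mkdtemp(prefix="wp-content-"))
    samples = {
        "plugins/example-a/example-a.php": "<?php\n/*\n * Plugin Name: Blog Designer\n * Version: 0.0.1\n */\n",
        "plugins/example-b/example-b.php": "<?php\n/*\n * Plugin Name: Contact Widget\n * Version: 2.0\n */\n",
        "themes/example/header.php": "<?php wp_head(); ?>\n<script src='https://trackstatisticsss.com/placeholder.js'></script>\n",
    }
    for rel, body in samples.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_text(body, encoding="utf-8")
    return root

if __name__ == "__main__":
    site = build_sample_site()
    print("domain references:", find_domain_references(site))
    print("named plugins:", named_plugins_installed(site / "plugins"))
```

Any plugin it reports should have its installed version compared against the latest release, and any file it flags should be reviewed and restored from a known-good copy.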