The web is seeing an increase in malicious scripts injected into legitimate websites, which redirect internet users to the Neutrino exploit kit server when accessed. Hundreds of millions of sites could be affected, serving up ransomware and other baddies.
Heimdal Security said that the attack has been carried out by systemically compromising websites which run an outdated content management system, especially unpatched WordPress sites, or outdated plugins.
According to Heimdal, WordPress is used by 58.7% of all the websites whose content management system we know. This is 24.3% of all websites. Since there are almost 1 billion websites in the world, the figure of potentially compromised websites could rise to over 142 million. Moreover, over 20% of WordPress-based websites run an outdated version.
