{"id":957,"date":"2024-03-12T08:42:56","date_gmt":"2024-03-12T06:42:56","guid":{"rendered":"https:\/\/techlance.ddns.net\/?p=957"},"modified":"2024-03-12T08:44:21","modified_gmt":"2024-03-12T06:44:21","slug":"wordpress-sivustot-kohteena-uudessa-fakeupdates-kampanjassa","status":"publish","type":"post","link":"https:\/\/techlance.ddns.net\/en\/wordpress-sivustot-kohteena-uudessa-fakeupdates-kampanjassa\/","title":{"rendered":"WordPress-sivustot kohteena uudessa FakeUpdates-kampanjassa"},"content":{"rendered":"<p>Globaali uhkaindeksi helmikuussa 2024 paljasti tutkijoiden l\u00f6yt\u00e4neen uuden FakeUpdates-kampanjan, joka kompromissoi WordPress-sivustoja. N\u00e4m\u00e4 sivustot saastuivat hakkeroiduilla wp-admin yll\u00e4pit\u00e4j\u00e4tileill\u00e4, ja haittaohjelma mukautti taktiikoitaan soluttautuakseen sivustoille k\u00e4ytt\u00e4m\u00e4ll\u00e4 muokattuja versioita aidoista WordPress-lis\u00e4osista ja huijaten ihmisi\u00e4 lataamaan et\u00e4yhteys troijalaisen. Samaan aikaan, vaikka Lockbit3:n toiminta saatiin loppumaan helmikuun lopussa, se pysyi yleisimp\u00e4n\u00e4 lunnasohjelmistoryhm\u00e4n\u00e4, vastaten 20% julkaistuista hy\u00f6kk\u00e4yksist\u00e4, ja koulutussektori jatkoi olemista eniten vaikutuksen alaisena toimialana maailmanlaajuisesti.<\/p>\n\n\n\n<p>FakeUpdates, joka tunnetaan my\u00f6s nimell\u00e4 SocGholish, on ollut toiminnassa ainakin vuodesta 2017 l\u00e4htien ja k\u00e4ytt\u00e4\u00e4 JavaScript-haittaohjelmaa kohdistuakseen sivustoihin, erityisesti niihin, joissa on sis\u00e4ll\u00f6nhallintaj\u00e4rjestelmi\u00e4. Usein luokiteltuna yleisimm\u00e4ksi haittaohjelmaksi uhkaindeksiss\u00e4, FakeUpdates-pyrkii huijaamaan k\u00e4ytt\u00e4ji\u00e4 lataamaan haitallista ohjelmistoa ja huolimatta yrityksist\u00e4 pys\u00e4ytt\u00e4\u00e4 se, se pysyy merkitt\u00e4v\u00e4n\u00e4 uhkana verkkosivustojen turvallisuudelle ja k\u00e4ytt\u00e4j\u00e4tiedoille.<\/p>\n\n\n\n<p>The Global Threat Index for February 2024 saw researchers uncover a fresh FakeUpdates campaign compromising WordPress websites. These sites were infected using hacked wp-admin administrator accounts, with the malware adapting its tactics to infiltrate websites by utilizing altered editions of authentic WordPress plugins, and tricking individuals into downloading a Remote Access Trojan. Meanwhile, even following its takedown towards the end of February, Lockbit3 remained the most prevalent ransomware group, responsible for 20% of published attacks, and education continued to be the most impacted industry worldwide. FakeUpdates, also known as SocGholish, has been operational since at least 2017, and uses JavaScript malware to target websites, especially those with content management systems. Often ranked the most prevalent malware in the Threat Index, the FakeUpdates malware aims to trick users into downloading malicious software and despite efforts to stop it, it remains a significant threat to website security and user data.<\/p>\n\n\n\n<p><a href=\"https:\/\/blog.checkpoint.com\/research\/february-2024s-most-wanted-malware-wordpress-websites-targeted-by-fresh-fakeupdates-campaign\/\">https:\/\/blog.checkpoint.com\/research\/february-2024s-most-wanted-malware-wordpress-websites-targeted-by-fresh-fakeupdates-campaign\/<\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Globaali uhkaindeksi helmikuussa 2024 paljasti tutkijoiden l\u00f6yt\u00e4neen uuden FakeUpdates-kampanjan, joka kompromissoi WordPress-sivustoja. N\u00e4m\u00e4 sivustot saastuivat hakkeroiduilla wp-admin yll\u00e4pit\u00e4j\u00e4tileill\u00e4, ja haittaohjelma [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[9],"tags":[15],"class_list":["post-957","post","type-post","status-publish","format-standard","hentry","category-security","tag-tietoturva"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/posts\/957","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/comments?post=957"}],"version-history":[{"count":0,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/posts\/957\/revisions"}],"wp:attachment":[{"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/media?parent=957"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/categories?post=957"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/tags?post=957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}