A WordPress ransomware campaign is underway.
WordPress Ransomware Campaign News
WordPress Targeted with Mass Ransomware Campaign
“A massive malware campaign has been found targeting WordPress websites.
The sites were compromised via obfuscated Javascript code, and they all redirect users to a domain hosting the Nuclear exploit kit, which is available commercially via the exploit kits-as-a-service model. The EK then scans for vulnerabilities in Flash, Adobe Reader or Acrobat, Internet Explorer and Silverlight; and, if a flaw is found, the infection delivers TeslaCrypt; what’s more, this Teslacrypt variant is identical to the other ransomware strains, so Cryptowall or other ransomware types could also infect the victim’s PC.
According to Andra Zaharia, marketing communications manager at Heimdal Security, hundreds of servers hosting WordPress-based websites have already been compromised. Further, antivirus detection of exploit code is low: only 2/66 on VirusTotal. Meanwhile, the payload also achieves only limited detection.”
Source: http://www.infosecurity-magazine.com/news/wordpress-targeted-with-mass/