Massive Balada Injector campaign attacking WordPress sites since 2017

An estimated one million WordPress websites have been compromised during a long-lasting campaign that exploits “all known and recently discovered theme and plugin vulnerabilities” to inject a Linux backdoor that researchers named Balad Injector.The campaign has been running since 2017 and aims mostly to redirect to fake tech support pages, fraudulent lottery wins, and push notification scams.According to website security company Sucuri, the Balad Injector campaign is the same one that Dr. Web reported in December 2022 to leverage known flaws in several plugins and themes to plant a backdoor.

Source: Massive Balada Injector campaign attacking WordPress sites since 2017


My pronouns are whatever you're comfortable with as long as you speak to me with respect. I'm an Afruikan and Iswa refugee living in Canaan. That's African American expat in Israel in Normalian. I build websites, make art, and assist people in exercising their spirituality. I'm also the king of an ile, Baalat Teva, a group of African spirituality adherents here. Feel free to contact me if you are in need of my services or just want to chat.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • You’ve read the article, now get the t-shirt! :-D