Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability
Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability
15 January 2024
Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector.
First documented by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizing security flaws WordPress plugins to inject backdoor designed to redirect visitors of infected sites to bogus tech