JavaScript Malware Switches to Server-Side Redirects and Uses DNS TXT Records as TDS
JavaScript Malware Switches to Server-Side Redirects and Uses DNS TXT Records as TDS
22 April 2024
A malware campaign was found injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains, specifically using dynamic DNS TXT records of the tracker-cloud[.]com domain to obtain redirect URLs.