This is not the first Wordpress attack this year. In January, security firm Sucuri revealed another fake jQuery attack. In this attack, hackers used a fake jQuery Pastebin file to spread malware. They used Pastebin.com to host the malware. This type of attack has also been used on infected Magneto sites. In February, Wordpress was attacked again. Hackers injected encrypted code at the end of all legitimate .js files. The malware only affected first-time visitors.
Photo: © iStock.