WordPress Sites Targeted in World Cup-Themed Spam Scam

WordPress-powered websites are being targeted in a comment spam campaign designed to get users to click on links to sites offering betting services on the 2018 FIFA World Cup games. Security vendor Imperva recently observed a botnet spewing out meaningless text messages generated from a template to comments sections in blogs, news articles, and other sites that allow people to comment.

The spambot has been attempting to post comments to the same Uniform Resource Identifier (URI) across different WordPress sites indiscriminately and without regard for whether the site is vulnerable or even has a comments section.

Read more about the new spam campaign using a ‘spray & pray’ approach to post comments on WordPress powered blogs and forums on DarkReading.





Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief