Trusted Design

Cloudflare[.]Solutions Keylogger on Thousands of Infected WordPress Sites

概要

A few weeks ago, we wrote about a massive WordPress infection that injected an obfuscated script pretending to be jQuery and Google Analytics. In reality, this script loaded a CoinHive cryptocurrency miner from a third-party server. We also mentioned a post written back in April that described the cloudflare.solutions malware, which came along with the cryptominers. At this moment, PublcWWW reports there are 5,482 sites infected with this malware. It seems that this evolving campaign is now adding keyloggers to the mix.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

• WordPress Compromise Campaign (score: 0.68)
• Compromised Domain Serving Keyloggers (score: 0.66)
• KeyBase Keylogger Malware Family Exposed (score: 0.66)
• Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis (score: 0.63)
• Compromised Wordpress sites serving multiple malware payloads (score: 0.63)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る