06-15-2018, 04:32 PM
WordFence, the WordPress Security guys just released a White Paper on a new malware that eats other malware called BabaYaga. Just can't believe how these spammers are getting more and more creative with their exploits.
The malware is very sophisticated with generating spam links and redirection in a way that is difficult for the victims to detect. The infection is notable for containing code capable of removing its competition. BabaYaga has the ability to remove other malware.
The payoff for the spammers are affiliate marketing services. When a human visitor reaches an infected page of the site after following a link from a search, embedded JavaScript executes a malicious redirect to an affiliate site. Any purchases made at the destination site generate income for the attacker, and at that point it becomes a numbers game.
Here is a link to the White Paper for BabaYaga:
https://www.wordfence.com/wp-content/upl...ePaper.pdf
The malware is very sophisticated with generating spam links and redirection in a way that is difficult for the victims to detect. The infection is notable for containing code capable of removing its competition. BabaYaga has the ability to remove other malware.
The payoff for the spammers are affiliate marketing services. When a human visitor reaches an infected page of the site after following a link from a search, embedded JavaScript executes a malicious redirect to an affiliate site. Any purchases made at the destination site generate income for the attacker, and at that point it becomes a numbers game.
Here is a link to the White Paper for BabaYaga:
https://www.wordfence.com/wp-content/upl...ePaper.pdf