C-Suite On Deck
Keep me plugged in with the best
Join thousands of your peers and receive our weekly newsletter with the latest news, industry events, customer insights, and market intelligence.
I agree to the
terms of service
PLEASE CORRECT THE FOLLOWING:
Please Enter Some Keywords
From .tk Redirects to PushKa Browser Notification Scam
In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites. This campaign leverages old vulnerabilities (patched a long time ago) found in a variety of outdated themes and plugins. However, it also adds new vulnerabilities as soon as they are disclosed—like the recent Social Warfare and Yuzo-Related-Posts issue, as well as some zero-days. The attack is known to redirect infected site visitors to various traffic monetization schemes, such as fake tech support scams. These bad actors have been using disposable .tk domains as intermediate destinations in their redirect chains for quite some time now. New Monetization Channel: Pushka Browser Notification Scams. We’ve recently noticed the addition of a new monetization channel which sometimes replaces the .tk redirects — and sometimes complements it by using both .tk redirects and push notifications at the same time.
I'm for real
Enter your email once to access all our information and resources.
(Your email address is required so we know you're a real person)
By downloading this content, you give permission for your contact information to be shared with the content provider who may contact you in regards to the content.