home.aspx
 
. https://blog.sucuri.net/2019/04/from-tk-redirects-to-pushka-browser-notification-scam.html
blog article
FROM .TK REDIRECTS TO PUSHKA BROWSER NOTIFICATION SCAM
In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites. This campaign leverages old vulnerabilities (patched a long time ago) found in a variety of outdated themes and plugins. However, it also adds new vulnerabilities as soon as they are disclosed—like the recent Social Warfare and Yuzo-Related-Posts issue, as well as some zero-days. The attack is known to redirect infected site visitors to various traffic monetization schemes, such as fake tech support scams. These bad actors have been using disposable .tk domains as intermediate destinations in their redirect chains for quite some time now. New Monetization Channel: Pushka Browser Notification Scams. We’ve recently noticed the addition of a new monetization channel which sometimes replaces the .tk redirects — and sometimes complements it by using both .tk redirects and push notifications at the same time. READ MORE