While scanning website files, SiteLock SMART flagged three particular files as suspicious. Inspection of the files by the SiteLock research team ultimately determined that a malicious WordPress plugin was being actively hosted, used by unsuspecting site owners, and spread via YouTube.
In the following article, we will:
- detail the malware contained in the malicious plugin
- reveal the relationships between the malicious plugin and other websites
- discuss mitigation for sites using the plugin and how to avoid such situations