The new botnet is estimated to have exploited hundreds of websites starting from November 2019. KashmirBlack is a highly sophisticated botnet that manipulated the sites by attacking their base content management system (CMS) platforms. Some of the platforms that got impacted include Joomla, Drupal, WordPress, etc.
Imperva’s security researchers identified the botnet and believe that its main goal is to infect the websites and then misuse their servers to drive legitimate traffic to spam pages and web defacements where possible. The botnet is supposed to have had humble beginnings, but constant updates have made it currently capable of attacking thousands of sites daily.