SolarMarker Attack Uses Vulnerable WordPress Sites and False Chrome Updates


Researchers have identified the cyber-attack group behind the SolarMarker malware using fake Chrome browser updates as part of watering hole attacks against a multinational tax consulting firm with operations in the US, Canada, the UK, and Europe.

It’s a fresh strategy for the group, replacing its previous methods of spamdexing and search engine optimization (SEO) poisoning. SolarMarker is a multistage piece of malware that can steal credit card numbers, passwords, and autofill information from victims’ web browsers.

According to an advisory released by eSentire’s Threat Response Unit (TRU), the threat group was observed taking advantage of flaws in a medical equipment manufacturer’s website, which was built with the well-known open source content management system WordPress.
