Summary: According to researchers from Avast, the high trafficked Assassinscreedfrance.fr web site, has been serving ZeuS crimeware variants to its visitors for over 8 weeks.
Cybercriminals are constantly scanning the Web for exploitable and misconfigured web applications, and blogging platforms such as WordPress for instance.
Not surprisingly, hundreds of thousands of legitimate web sites remain susceptible to remote exploitation, which on the majority of occasions are serving malicious content to unsuspecting end and corporate users.
According to researchers from Avast, the high trafficked Assassinscreedfrance.fr web site, has been serving ZeuS crimeware variants to its visitors for over 8 weeks. Moreover, the researchers point out that the web site is among the remaining 1,841 legitimate web sites serving the same crimeware variant.
The web site is currently returning a “Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /homepages/23/d207590046/htdocs/wp-content/plugins/countdown-timer/fergcorp_countdownTimer.php on line 1050” error message.
How did the malicious attackers obtained access to the affected gaming web site? By exploiting the outdated WordPress version running on this domain. Avast is also confirming that based on an analysis of 6000 affected .com web sites, a huge percentage of them are susceptible to exploitation through outdated and vulnerable WordPress plugins.
Users are advised to keep an eye for newer version of the popular blogging platform, including the introduction of new versions of the WordPress plugins currently in use by their web sites.