Incident: Dunlop’s Aussie site caught up in CryptXXX ransomware-spreading campaign | iTnews
Australian Information Security Incident Reported: July 20 2016
Dunlop’s site compromised, users redirected to exploit kit. Dunlop parent Ardex Australia said it was “currently investigating” the weakness and declined to elaborate.
Attackers are targeting business websites through a vulnerable version of the RevSlider slideshow plugin for WordPress to spread the CryptXXX ransomware.
A vulnerable version of the RevSlider plugin for WordPress was behind the March 2015 compromise of the New South Wales government GovDC website. In December 2014, over 100,000 sites with the RevSlider plugin were compromised in a single day.