DollyWay malware, active since 2016, has infected over 20,000 WordPress sites, redirecting visitors to scam sites as it strives for 'world domination.' The malware's latest version, DollyWay v3, employs advanced tactics such as cryptographically signed data transfers, automatic reinfection, and removal of competing malware, making it difficult for victims to identify the compromise of their sites. It operates using a network of compromised sites functioning as Traffic Direction Systems and Command and Control nodes, complicating the removal process significantly due to its persistent reinfection mechanisms.
DollyWay malware infects over 20,000 WordPress sites since 2016, utilizing advanced techniques for control and persistence, which complicates detection and removal.
The malware's ability to remove competing threats while conducting automatic updates exposes its sophisticated control over compromised WordPress sites, leading to ongoing exploitation.
Collection
[
|
...
]