Have you ever looked at a webpage and felt that something didn't look right? That was never just a coincidence. Last year, researchers uncovered 14,000 WordPress sites that had been hacked and configured improperly to join a malware campaign. I have to admit, when I read the article, I was just as surprised!
Who Did It?
This was the work of a hacking group called UNC5142. They began these hacks in late 2023 and continued until July 2025. They are suspected of using various techniques, possibly including blockchain, to get around detection and containment.
How They Did It
The malware primarily targeted older or unsupported WordPress plugins or themes. The attackers would compromise the site and run a program called CLEARSHOT. At that point, CLEARSHOT would download malicious code using blockchain technology, specifically the BNB chain.
Why Use Blockchain?
Because a blockchain has better uptime, which makes the malware more difficult to remove. Once a compromised site was in place with enough traffic, they used ClickFix to run a command without the knowledge of the user. They hide the malicious pages on Cloudflare .dev domains under a normal page.
Why You Should Be Concerned
Even if you don't run WordPress, this shows how clever some hacks are getting. The attackers combine technical tricks in software with tricks that get computers infected. These are great reminders to always update software, to use strong passwords and to be extra cautious about running scripts or commands you find on the internet.
How To Stay Safe
Here are a few simple things I do to keep my websites secure:
- Regularly update your WordPress core, plugins and themes.
- Turn on two-factor authentication to log in.
- Back up your content regularly, so that if the site gets hacked you can republish your website somewhere.
- Always check for any odd activity; even slight changes can mean something is going on.
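
One way to act on "check for any odd activity", as an added example that is not from the original article or from the researchers: a small Python scanner that flags theme and plugin files which combine blockchain-lookup references with Cloudflare .dev hosts. The patterns (`eth_call`, `bsc-dataseed`, `pages.dev`/`workers.dev`, a 40-hex-digit address) and the sample files are assumptions constructed for illustration, not CLEARSHOT signatures.

```python
import re
import tempfile
from pathlib import Path

# Heuristic patterns chosen for this example (assumptions, not CLEARSHOT signatures).
INDICATORS = {
    "evm_json_rpc": re.compile(r"\beth_(?:call|getStorageAt)\b"),
    "bnb_chain_rpc_host": re.compile(r"bsc-dataseed", re.I),
    "cloudflare_dev_host": re.compile(r"\b[a-z0-9-]+\.(?:pages|workers)\.dev\b", re.I),
    "contract_address": re.compile(r"\b0x[0-9a-fA-F]{40}\b"),
}
SCAN_SUFFIXES = {".php", ".js", ".html", ".htm"}

# Constructed sample files: one clean, one with a made-up, non-functional injected stub.
SAMPLE_FILES = {
    "wp-content/themes/demo/footer.php": "<?php wp_footer(); ?>\n</body></html>\n",
    "wp-content/themes/demo/header.php": (
        "<?php wp_head(); ?>\n"
        "<script>/* constructed sample, does nothing */\n"
        "var rpc='https://bsc-dataseed.example.invalid';\n"
        "var req={method:'eth_call',params:[{to:'0x" + "0" * 40 + "'}]};\n"
        "var next='https://landing-page.pages.dev/';</script>\n"
    ),
}

def scan_text(text):
    """Return the sorted names of all indicators present in text."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))

def scan_tree(root, min_hits=2):
    """Map relative path -> indicator names for files with >= min_hits indicators."""
    # A single hit is common in legitimate code, so only combinations are reported.
    root = Path(root)
    findings = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in SCAN_SUFFIXES:
            hits = scan_text(path.read_text(encoding="utf-8", errors="replace"))
            if len(hits) >= min_hits:
                findings[path.relative_to(root).as_posix()] = hits
    return findings

def demo():
    """Write SAMPLE_FILES to a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in SAMPLE_FILES.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_tree(tmp)
```

Point `scan_tree` at a copy of `wp-content` and compare any reported file against a clean copy of the same plugin or theme version before deciding it is malicious.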
Ultimately, hackers are creating new methods to hack sites, even large platforms like WordPress. But you can protect your data and devices as long as you are vigilant, update your software, and know the tricks.
Next time you are on a webpage, be mindful of what you are doing and don't click without thinking about it. Some caution is a good idea to be able to better defend against malware.