WordPress and Joomla websites get hacked with fake jQuery

Hackers use the popular jQuery library to inject malicious code into websites powered by WordPress and Joomla.

JQuery is a very popular JavaScript library. The basic aim of this library is to erase the differences between implementations of JavaScript in various web browsers. If you have ever tried web coding you know how tedious it can be to make the code do the same thing in different browsers. Sometimes it is a really big challenge. In such situations, this library can be very useful.

Of course it is only a matter of time until such a well-known library gets the attention of those who want to use it for different purposes other than web coding. Fake jQuery injections have been very popular among hackers. And that brings us to one of the most popular infections of the last couple of months –  the attack that injects fake jQuery script into the head section of CML websites powered by WordPress and Joomla.

What does it look like?

jQuery hack source codeThe script is located right before the tag </head> so as a normal visitor you can’t notice anything unless you look into source code

Leave a Reply