Security experts are warning webmasters over a series of attacks targeting the WordPress and Joomla publishing platforms.
The Sans Institute said that it has received reports of multiple exploit attempts on the platforms. The compromised sites are then injected with code which redirects to a third-party site.
John Bambenek, Sans blogger and president of security firm Bambenek Consulting, said that the attacks were particularly interesting for their method of attempting to exploit pages en masse by targeting servers.
"The interesting thing to note is that it doesn't seem to be a scanner exploiting one vulnerability but some tool that's basically firing a bunch of Joomla and Wordpress exploits at a given server and hoping something hits," he explained.
Sans said that the compromised sites are used to redirect users to an attack site which tries to infect users with a phony antivirus package. Such payloads are often used to trick users into paying for "registration fees" and other fraudulent charges.
Webmasters and administrators are being advised to update their software to avoid an infection.
"Mediation is your typical advice, make sure all your software is up-to-date and kept that way on a regular basis," Bambenek said.
Wordpress has previously been the target of malware attacks. Cybercriminals have targeted the publishing platform as a means of embedding attack code in pages which can then be used to redirect visitors to third-party attack sites.
Success of AMD's Ryzen microprocessor line finally wakes up Intel
British Airways CEO Alex Cruz suggests power surge and the failure of back-ups caused weekend of airline chaos
Mark Zuckerberg mercilessly trolled by Harvard student newspaper after return to university he dropped out of 12 years ago
'Unauthorised user' blamed by Harvard for insulting Mark Zoinkerberg
Android under attack from 'Judy', Google Play Store malware that has infected up to 36.5 million users
Yet more Android malware discovered on the Google Play Store