One million WordPress sites injected.

Apr 11 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily newsletter that shows cybercriminals all the respect that Budweiser shows its customer base. #BudLight

Today’s hottest cyber security stories:

  • One million WordPress sites injected – sorry, infected with Balada Injector
  • Dagnammit! America’s oldest law firm got hacked, Jack
  • Hottest… (wait for it) cybersecurity trends of 2023 ????????


Since 2017, an ongoing malware campaign called Balada Injector has infected an estimated one million WordPress websites by exploiting known and newly discovered vulnerabilities in plugins and themes, according to security firm Sucuri, which has observed attacks occurring in waves every few weeks.

The campaign is identified by its use of String.fromCharCode obfuscation, newly registered domain names hosting malicious scripts on random subdomains and redirects to various scam sites.

The attacks include fake tech support, fraudulent lottery wins, and rogue CAPTCHA pages prompting users to turn on notifications to verify they are not robots, enabling the attackers to send spam ads.

The campaign has relied on over 100 domains and various methods to exploit known security flaws and obtain database credentials in the wp-config.php file.

The attacks are also engineered to read or download arbitrary site files and search for tools like adminer and phpmyadmin that may have been left behind by site administrators after completing maintenance tasks.

Doctor Who?

Doctor Web recently detailed a Linux malware family that exploits flaws in more than two dozen plugins and themes to compromise vulnerable WordPress sites.


Sorry, that’s Cadwalader, Wickersham & Taft. But no-doubt the law firm will be feeling a little daft after having to inform 90k plus people that they got hacked and data-jacked.

What tf happened?

Over 90,000 clients of the prestigious law firm Cadwalader, Wickersham & Taft are at risk of having their personal information compromised due to a cyberattack.

In a notice to affected clients on March 30, 2023, the firm disclosed that an unauthorized third party gained remote access to its systems on November 15, 2022.

Sensitive information, including documents containing clients’ personal information such as names and Social Security numbers, was reportedly acquired by the hackers. 

The breach was discovered on November 16, 2022, and affected 93,211 people, according to the Office of the Maine Attorney General.

Cadwalader, Wickersham & Taft, founded in 1792, is the oldest continuously operating legal practice in the United States. The notice stated that the firm has conducted targeted online monitoring and found no evidence to suggest that the personal information of affected clients has been leaked or misused by an unauthorized third party. However, the firm warned that unauthorized access or misuse of personal information could expose clients to a greater risk of identity theft or fraud, financial loss, and non-material loss.

To be fair, the company has offered free identity theft protection to affected clients and urges them to take advantage of this service.

Hats off to Cadwalader, Wickersham & Taft for owning it. We salute you, Sirs!


1.       Application security: As businesses shifted online to stay afloat during the pandemic, the forecast for application security spending is projected to surpass $7.5 billion, according to Statista.

2.       Cloud security: According to more data by Statista, cloud security is the fastest-growing segment in the IT security market, with a projected growth of nearly 27% from 2022 to 2023. This is mainly due to the increasing demand for cloud solutions in the wake of the COVID-19 outbreak.

3.       Mobile security: The mobile phone has replaced our trips to the banks, stores, and outings with friends. With just a few taps in an app, we can order any service or product without leaving the couch. Every app stores our data, search and order history, and location information.

4.       IoT (Internet of Things): As a result of home automation using IoT, the supply of devices for “smart” homes is expected to reach 1.8 billion by 2025. Smart devices, smart homes, and voice assistants have become integral to our lives.

5.       Remote work and attacks on corporate networks: Remote work has relaxed the control companies have over their employees’ safe use of data. Cybercriminals, along with those engaged in phishing and social engineering, have taken advantage of this loophole, using increasingly sophisticated attack methods to compromise networks.

6.       Cyber Insurance: As cyberattacks and the levels of risk associated with them continue to grow, so do new related industries designed to mitigate these risks, including cyber insurance. Organizations turn to it to minimize threats and financial losses from attacks.

7.       Zero trust does not replace VPNs—yet: The concept is based on “never trust, always verify.” In a zero-trust environment, users are constantly checked, reassessed, and reauthenticated using multiple authentication methods. Gartner believes that Zero Trust Network Access (ZTNA) is the fastest-growing form of network security, which will grow by 31% in 2023 and completely replace VPNs by 2025.

8.       AI (Artificial Intelligence): Artificial intelligence (AI) has already been successfully used in cyber defense. It is expected to become even more prevalent in 2023, particularly in monitoring, resource and threat analysis, and rapid response capabilities.

9.       Attack detection tools are NO LONGER a luxury: Each attack potentially leads to severe consequences because safeguards are either not in place or currently unavailable. A successful data breach can cost millions of dollars, and the amount depends directly on the type of attack and its duration, as well as the loss of reputation, customer loyalty, and the customers themselves.

10.   Outsourcing cybersecurity: As cyberattacks become increasingly sophisticated, many companies need help to ensure a high level of security on their own. Therefore, the trend of protecting companies with expert service providers will flourish.

As always, stay safe out there folks!

So long and thanks for reading all the phish!

Recent articles