10,000+ WordPress Sites Hit by Fake Redirects to Increase Google AdSense Revenue

Over 10,000 WordPress websites have been affected by a malicious code that redirects users to fake URLs in order to inflate Google AdSense revenue. The attack was discovered by security researchers at Wordfence, who reported the issue on their blog.

WordPress is one of the most popular content management systems (CMS) used for creating and managing websites. It powers over 35% of all websites on the internet today, making it an attractive target for hackers looking to exploit its vulnerabilities.

The malicious code was found embedded in various themes and plugins hosted on third-party sites such as ThemeForest and CodeCanyon. When a user visits a website with this code installed, they are redirected to another URL without their knowledge or consent. This URL contains ads from Google AdSense which generate revenue when clicked on by visitors.

The attackers behind this campaign were able to make money through two different methods: firstly, by generating ad impressions from unsuspecting visitors; secondly, by collecting referral fees from advertisers whose ads were displayed due to the redirection process.

In response to this attack, Wordfence has released an update that will detect any malicious code associated with these campaigns and remove them automatically if detected. They also recommend taking additional steps such as disabling unused plugins and themes as well as regularly updating your WordPress installation in order to protect against future attacks like this one. Additionally, they suggest using web application firewalls (WAFs) which can help block malicious requests before they reach your site’s server(s).

WordPress administrators should be aware of these types of threats so that they can take proactive measures against them before it’s too late – especially since many people rely heavily upon their website for business purposes or other important activities online today! Furthermore, those running multiple sites should consider investing in a managed hosting solution which provides enhanced security features compared with traditional shared hosting plans offered elsewhere online today!

It’s important for everyone involved – both developers & end-users alike -to stay vigilant when it comes to protecting themselves against cyberattacks like these ones because unfortunately there are always new threats emerging every day! As we’ve seen here with over 10K+ WordPress sites being affected already – no matter how small or large you may think your website is – anyone could potentially become vulnerable if proper precautions aren’t taken ahead of time…so please do keep yourself informed about what’s going on out there & don’t forget about regular maintenance either!