New WordPress malware masquerades as plugin
A dangerous malware variant disguised as a legitimate WordPress plugin has been uncovered by security researchers.
The malware, named “WP-antymalwary-bot.php,” gives attackers persistent access to infected websites, injects malicious code and can serve remote advertisements to site visitors.
Discovered by the Wordfence Threat Intelligence team during a routine site cleanup on January 22 2025, the malware mimics the structure of a genuine plugin, complete with standard formatting and metadata.
Read more at Infosecurity Magazine