Recently there has been an increase in WordPress malware that displays a fake browser update page. We will explain this malware.
Symptoms of Malware
This malware downloads and stores the code for the Chrome update page in your company’s server and embeds it directly or indirectly in index.php.
This causes users visiting your site to see the Chrome update page, and if the user accidentally submits their login information, it is sent to hackers or causes them to download a malicious fake program.
The name of this program, according to Sucuri, is.
EngineChromium.zip, EngineBrowser.zip, and EngineTools.zip.
Why is malware embedded in index.php?
The index.php file in the WordPress top directory or theme is the file that is executed each time the site is viewed. For this reason, hackers most often target this file to ensure that malware code is executed when a user accesses the site’s de pages.
Detecting and Removing Malware
We have added a detection pattern for this type of malware to our plugin below. This malware, which displays a fake Chrome update page, is a type of malware that site operators are unlikely to be aware of, and we recommend that you have it checked once.
Free WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].
Scan online at
https://malware-scan.website-malware-removal.com/
If you have difficulty getting rid of it, do not know how to do so, or are reinfected, we recommend that you contact a specialist.