Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for a legitimate analytics service. RealStatistics even set up fake analytics websites designed to trick webmasters who took a few steps to investigate the unfamiliar script.

Recently, a new variation of this type of infection has emerged. The new campaign uses trafficanalytics[.]online as the source for the injected script. Although it appears to be simple, the damage to a website can be devastating – RealStatistics was known for spreading ransomware on both WordPress and Joomla sites.
Malicious TrafficAnalytics on WordPress

Currently, we are seeing a large number of WordPress websites being infected. The infection is often found within the wp_posts table or the header.php file.

The final destination of this redirect chain is currently blacklisted by Microsoft:

SEO Hertfordshire


Online Reputation Management

Share This
Call me!