Infoblox Report Highlights Smishing and Vulnerabilities in WordPress Websites


Infoblox has published a new edition of the company’s quarterly cyber threat intelligence report, a security intelligence report that compiles the main threats and security breaches detected during the previous three months on a quarterly basis worldwide. Among the main conclusions of this report, which covers the months of April to June 2022 are:

Smishing: A strategy that combines SMS and phishing

Smishing messages are sent by bad actors to get victims to reveal private information, including passwords, identity, and financial data.

Prevention and Mitigation

Smishing messages are a common method for sending phishing links. Infoblox recommends the following precautions for avoiding smishing attacks:

  • Always be suspicious of unexpected text messages, especially those that appear to contain financial or delivery correspondences, documents, or links.
  • Never click URLs in text messages from unknown sources.

VexTrio DDGA Domains Spread Adware, Spyware and Scam Web Forms

Mohammed Al-Moneer, Regional Director- Infoblox

Since February 2022, Infoblox’s Threat Intelligence Group (TIG) has been tracking malicious campaigns that use domains generated by a dictionary domain generation algorithm (DDGA) to run scams and spread riskware, spyware, adware, potentially unwanted programs, and pornographic content. This attack is widespread and impacts targets across many industries.

VexTrio actors heavily use domains and the DNS protocol to operate their campaigns. To avoid detection, the actors have integrated several features into their JavaScript and require the following conditions from the user to trigger the redirect:

  • The user must visit the WordPress website from a search engine.
  • Cookies are enabled in the user’s web browser.
  • The user has not visited a VexTrio compromised web page in the past 24 hours.

Prevention and mitigation

Infoblox recommends the following actions for protection from this kind of attack:

  • Disabling JavaScript on web browsers completely or enabling it only for trusted sites.
  • Consider using an adblocker program to block certain malware activated by popup ads.

Mohammed Al-Moneer, Regional Director, META at Infoblox says, “Our report shares research on many dangerous malware threats. Security effectiveness depends on timely, up-to-date threat intelligence. Using tools included in Infoblox BloxOne threat defense, security teams can collect, normalize and distribute highly accurate, multi-sourced threat intelligence to strengthen the entire security stack. Additional capabilities can help SecOps to accelerate threat investigation and response by up to two-thirds.”

Leave A Reply