Mysterious spike in WordPress hacks silently delivers ransomware to visitors

In the past four days, researchers from three separate security firms have reported that a large number of legitimate WordPress sites have been hacked to silently redirect visitors to a series of malicious sites. The attack sites host code from the Nuclear exploit kit that’s available for sale in black markets across the Internet. People who visit the WordPress sites using out-of-date versions of Adobe Flash Player, Adobe Reader, Microsoft Silverlight, or Internet Explorer can then find their computers infected with the Teslacrypt ransomware package, which encrypts user files and demands a hefty ransom for the decryption key needed to restore them.

Make sure your WordPress installation, plugins and theme are up to date and the website is locked down with a strong password(s) and preferably two-factor authentication. Look out for signs of being targeted until there is more information available about causes of this new hack.