WordPress Sites Hijacked by Google Tag Spam Scripts
A new spam campaign is hijacking WordPress sites with a malicious script embedded in Google Tag Manager and redirecting users to fraudulent destinations. The attack operates without deploying traditional malware, relying instead on a fileless method that executes a hidden script within the browser. This tactic allows attackers to bypass endpoint defenses and redirect unsuspecting visitors to spam websites.
Researchers discovered that once deployed, the malicious script causes automatic redirection, leaving no visible trace on the compromised site. WordPress sites hijacked by this campaign show no immediate signs of infection, making detection difficult for administrators. The use of Google Tag Manager, a legitimate analytics tool, adds another layer of camouflage, enabling the script to blend in with normal site functions.
Security professionals recommend regularly auditing third-party scripts and monitoring unexpected behavior. Site owners should stay alert to protect their platforms against silent redirection threats.
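One way to run the third-party script audit recommended above, as an added example rather than code from the researchers or the original report: it lists the Google Tag Manager container IDs and external script hosts found in a page and flags any that are not on an allowlist. The container IDs, hostnames and sample HTML are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

GTM_ID = re.compile(r"\bGTM-[A-Z0-9]{4,}\b")

# Constructed sample page: one expected container, one unexpected one.
SAMPLE_HTML = """
<html><head>
<script src="/wp-includes/js/jquery/jquery.min.js"></script>
<script async src="https://www.googletagmanager.com/gtm.js?id=GTM-AAAA111"></script>
<script>(function(w,d,s,l,i){/* loader body omitted */})(window,document,'script','dataLayer','GTM-ZZZZ999');</script>
<script src="https://cdn.example.invalid/widget.js"></script>
</head><body>
<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-ZZZZ999"></iframe></noscript>
</body></html>
"""

class ScriptCollector(HTMLParser):
    """Collects script/iframe source URLs and inline script bodies."""
    def __init__(self):
        super().__init__()
        self.urls, self.inline, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in ("script", "iframe") and attrs.get("src"):
            self.urls.append(attrs["src"])
        elif tag == "script":
            self._in_script = True   # inline script: capture its body

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.inline.append(data)

def audit(html, allowed_containers, allowed_hosts):
    """Return container IDs and external hosts that are not allowlisted."""
    parser = ScriptCollector()
    parser.feed(html)
    ids = set(GTM_ID.findall(" ".join(parser.urls + parser.inline)))
    # Relative URLs have no hostname and are treated as same-origin.
    hosts = {urlparse(u).hostname for u in parser.urls} - {None}
    return {"unknown_containers": sorted(ids - set(allowed_containers)),
            "unknown_hosts": sorted(hosts - set(allowed_hosts))}

if __name__ == "__main__":
    print(audit(SAMPLE_HTML, {"GTM-AAAA111"}, {"www.googletagmanager.com"}))
```

A container ID that appears on the page but not on the allowlist is the item to investigate; tags inside an allowed container still need review in Tag Manager itself.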
Read the full story here:
https://www.scworld.com/news/wordpress-spam-campaign-abuses-google-tag-manager-scripts
