There was a report that more than 2,000 WordPress website are now infected by the keylogger. Yes beware that this type of inject script code are now spreading out there and it may affect your website. As what sucuri said here.

Lately, a bunch of safety researchers have found greater than 2,000 
WordPress websites contaminated with a keylogger that’s loading on 
the login web page of the platform and an encryption script 
(cryptocurrency mining within the browser) on their interfaces.

What is Keylogger?

Keyloggers or keystroke loggers are software programs or hardware devices that track the activities (keys pressed) of a keyboard. Keyloggers are a form of spyware where users are unaware their actions are being tracked. Keyloggers can be used for a variety of purposes; hackers may use them to maliciously gain access to your private information, while employers might use them to monitor employee activities. Some keyloggers can also capture your screen at random intervals; these are known as screen recorders. Keylogger software typically stores your keystrokes in a small file, which is either accessed later or automatically emailed to the person monitoring your actions.

A keylogger impacts WordPress websites

As we all know, WordPress is among the most used content material managing platform by customers. Many web sites are developed on this platform.

The assault is kind of easy. Cybercriminals discover unsafe WordPress websites (normally people who run older variations or older themes and plugins) and use exploits for these websites to insert malicious code into the supply code.

The malicious code contains two components. For the administrator login web page, the code masses a keylogger hosted in a third-party area. For the positioning’s interface, the thieves load the Coinhive and Monero miner within the browser utilizing the CPUs of the individuals who go to the positioning.

We’ve got already seen that the mining of Monero has elevated loads and it’s already an genuine epidemic and as a result of this plague many websites have been affected. Within the marketing campaign of the top of 2017, the criminals loaded their keylogger from the area “cloudflare.options”. These assaults affected virtually 5,500 WordPress websites however have been stopped on December eight when the registrar eliminated the area of the criminals.

Three new domains

Based on a brand new report, the criminals at the moment are loading the keylogger of three new domains:


This script will be injected in your wordpress website and it will spread through out the function.

Increase your security right now!

You can prevent this by increasing your security. Right now there are many free plugin that can help you increase your security try this All in One Security. This security will enhance firewall in your wordpress which enhance and prevent some ambitious user that coming in your wordpress. Most importantly this have a file security system what was the keylogger what to do in your wordpress website this modify your files by injecting malicious script and it will spread through out the functionality of your wordpress so you need to enhance your file system by the use of this plugin.

When you are affected with this type of malicious script you need to update all your files, plugin, wordpress etc., because updating the following will help to replace a new updated files to the one that affected with this script. Mostly the target of this script are within the function.php of your themes if you see any malicious and unknown script you need to delete that. You can visit here for more info about security of your wordpress website wordpress tips for security and speed. Also avoid NULLED themes or plugins in your WordPress ASAP.