According to MalwareHunterTeam, hackers are compromising WordPress sites to launch DDoS attacks on Ukrainian websites.
The targeted websites include Ukrainian government agencies, think tanks, recruitment sites for the International Legion of Defense of Ukraine, financial sites, and other pro-Ukrainian sites.
The JavaScript when loaded will force the visitor’s browser to perform HTTP GET requests to each of the listed sites with more than 1,000 concurrent connections at a time.
Since the DDoS attacks occur in the background, the victims are unaware that their browser has been compromised for an attack. This, therefore, allows the attackers to carry out the DDoS attacks without being detected.
After careful investigation, BleepingComputer was able to identify a few sites infected with this DDoS script. Also, it was discovered that the same script is being used by a pro-Ukrainian site to conduct attacks on Russian websites.