Wordfence cybersecurity experts: The flaw affects versions 1.5.1 to 1.6.0. Update the plugin now!
Technical analysis by the Malware Hunter JAMESWT
The latest global MassLogger campaign exploits CHM files. The emails contain a compressed file with the file inside. If executed, it downloads a fake image that triggers the infection of the malware, which steals data and transmits it via ftp
The text of the mail-trap
The flow of data exfiltrated via SMTP