Several thousand WordPress sites have been hijacked by attackers and have been redirecting visitors to a Nuclear Exploit Kit landing page. The malware campaign began over two weeks ago, but has recently seen a massive spike in activity.
Daniel Cid, CTO of security firm Sucuri, says that the infection rate went from 1,000 per day to more than 6,000 per day on Thursday. There has been no explanation as to where the additional activity came from, although it looks like the campaign has become active enough that 17-percent of the affected sites have been blocked by Google for suspicious activity.
No list of affected WordPress sites has been provided, but Sucuri has provided a tool for checking if the particular site has fallen victim to the attack.