The Hacker News
reports that more than 61,000 websites have been impacted by the Parrot traffic detection system campaign, tracked as NDSW/NDSX by Sucuri, last year, after the same campaign was reported by Avast in April to have affected 16,500 websites.
"The NDSW malware campaign is extremely successful because it uses a versatile exploitation toolkit that constantly adds new disclosed and 0-day vulnerabilities. Once the bad actor has gained unauthorized access to the environment, they add various backdoors
and CMS admin users to maintain access to the compromised website long after the original vulnerability is closed," said Sucuri researcher Denis Sinegubko.