Keylogger Found in WordPress Sites

Hacking is a big problem. And it’s not always an easy spot either. We reported a couple of months ago about the Equifax data breach, where hackers were able to gain unauthorised access to the accounts of millions of people due to a technical oversight regarding their admin password. And now there has been a KeyLogger found in some WordPress sites.

Many people believe that big companies are not susceptible to being hacked, however, has just announced that over 5,500 WordPress sites have been infected by Key Logger software. It comes after the malicious script is being loaded from “” domain; anything the user is typing is being monitored. And because the script is loaded in the front and back end, it can also log usernames and passwords. So, what does this mean for you?

Keyloggers and WordPress

Because of the sheer amount of WordPress sites on the web, WordPress is a big target for hackers, especially KeyLogger hackers. Hacking WordPress is like having a master key to hacking a lot of websites on the internet today. Once a hacker finds vulnerabilities within the software, your site automatically becomes more susceptible to being hacked too. When a vulnerability is discovered in a WordPress version, every site in the world running that same version, is vulnerable to the same exploit.

The easiest way to detect whether your site has been infected is with a Malware tool. Check it regularly and monitor the results. If you’re a developer, you can check in the developer tools or check the network tab for any suspicious web socket activity.

However, you can minimise your risks by keeping your software up to date and installing any security patches as soon as they’re released. If you don’t have time to do that we, at Jerram, offer a support and maintenance package, which ensures your site is always kept up to date. We have spent over 5000 hours this year alone, on support, with 5 websites being disinfected after an attack.

Other tips for recognising if you’ve been hacked early, are:

  • Visit your site often – when you google it, does it say ‘This website might be harmful to your computer’ or ‘This website may have been hacked’?
  • Search your website often and look for anything abnormal
  • Set up Google alerts in Google Search Console
  • Use a good malware scanner and set up email alerts so you can fix the problem swiftly
  • Investigate customer reports quickly
  • Use a source code scanner
  • Use a website monitoring service that picks up changes quickly
  • Watch for unexplained spikes in traffic
  • Use a remote scanner

Try and be pro-active in checking your website periodically.  As we’ve mentioned many times before, your website is the face of your business; if it doesn’t work as it should, it will put people off from visiting it again. Maintaining a healthy, hack free website can be a job in itself. If you don’t have the time to give it the attention it needs, get a professional to do it for you.

By having the knowledge on what to look out for, if you ever do get hacked, you will be able to alert the necessary people quickly, before any real damage is done.

This article was written whilst listening to: 

Adele – Fire in the Rain
Jessie J – Queen
Ed Sheeran – Perfect
Eminen and Beyonce – Walking on Water
Ed Helms – I Will Remember You
The Killers – Mr Brightside
The Red Hot Chilli Peppers – Snow
Beyonce – Crazy in Love

Author: Marie Roberts

Leave a Reply

Notify of

Tell us about yourself

Want to see if we can help? Fill in your details below and let's see what we can achieve together

Our Blog

Explore our blog for impactful resources, insightful articles, and ideas that inspire action.

What is Marketing Automation?

What is Marketing Automation Solution? Marketing automation solution refers to software platforms and technologies designed for marketing departments and organisations to more…

Read article

10 sales lead generation commandments

Sales lead generation We're skipping the intro and getting straight to the point, here are 10 commandments that will make…

Read article

15 Tried-and-Tested Lead Generation Ideas

The whole lead generation process is tough -- especially when you only rely on traditional methods. Sending cold emails and scraping…

Read article

Are you sure?

By disagreeing you will no longer have access to our site and will be logged out.

Privacy Preference Center

Strictly Necessary

Cookies that are necessary for the site to function properly.



These are used to track user interaction and detect potential problems. These help us improve our services by providing analytical data on how users use this site.

_ga, _gat, _gid

Close your account?

Your account will be closed and all data will be permanently deleted and cannot be recovered. Are you sure?