GoDaddy Researchers Uncover WordPress Malware Hiding C2 Instructions in Steam Profile Comments

GoDaddy researchers identified a new WordPress malware strain that conceals encoded command and control (C2) instructions within Steam Community profile comments. The campaign has compromised approximately 1,980 WordPress sites, leveraging Steam’s platform to evade detection by hiding malicious data in seemingly benign user-generated content. No specific dates, CVE IDs, or technical encoding methods were disclosed in the findings. The malware operates as a backdoor, enabling attackers to remotely control infected websites. The discovery highlights the use of unconventional channels like gaming platforms for cyberattack infrastructure. The affected systems are limited to WordPress sites, with no additional impacted services or industries specified.