DollyWay Malware Scheme Infects Over 20,000 WordPress Sites - 1

Image by WebFactory Ltd, from Unsplash

DollyWay Malware Scheme Infects Over 20,000 WordPress Sites

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

GoDaddy Security researchers have uncovered a massive malware operation called “DollyWay World Domination” that has been quietly infecting over 20,000 websites since 2016.

In a rush? Here are the quick facts:

  • Malware uses advanced tricks like automatic reinfection and hiding in plugins to stay undetected.
  • Creates hidden admin accounts and steals real admin credentials for long-term access.
  • Generates 10 million malicious page views monthly, earning attackers millions of dollars.

The campaign, named after a line of code found in the malware, uses hacked WordPress sites to trick visitors into clicking on scam pages, earning the attackers millions of dollars.

The operation has evolved over the years, starting in 2016 with campaigns like Master134 and Fake Browser Updates. The latest version, DollyWay v3, is highly advanced, using clever tricks to stay hidden.

For example, it can automatically re-infect websites, remove other malware, and even update WordPress to keep the site running smoothly while hiding its malicious activity.

Here’s how it works: When you visit an infected website, the malware secretly redirects you to scam pages, often related to dating, crypto, or gambling. These scams are part of a larger network run by cybercriminals called VexTrio. The malware is so sneaky that it avoids detection by ignoring bots, logged-in users, and even local visitors.

As of February 2025, over 10,000 WordPress sites are infected, generating around 10 million malicious page views every month. The malware is designed to stay hidden, making it hard for website owners to notice anything is wrong.

One of the most concerning features of DollyWay v3 is its ability to keep reinfecting websites. Every time someone visits an infected site, the malware checks to make sure it’s still in control. If it finds any security plugins, it disables them. It also hides malicious code inside legitimate plugins and WPCode snippets, making it even harder to detect and remove.

The attackers also create hidden admin accounts with random usernames and email addresses. These accounts let them access the site anytime, even if the original admin tries to remove them. In some cases, the malware even steals the real admin’s login details to maintain access.

To make matters worse, the malware uses advanced encryption to protect its code and ensure only the attackers can control it. It also uses a network of 14 infected websites, called TDS nodes, to manage the scam redirects. These nodes are updated daily to keep the operation running smoothly.

Website owners are urged to check their sites for signs of infection, such as unexpected redirects or strange admin accounts. Using strong security plugins and keeping WordPress updated can help protect against these kinds of attacks.

Meta AI Expands To Europe After Regulatory Delays - 2

Image by Dima Solomin, from Unsplash

Meta AI Expands To Europe After Regulatory Delays

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Meta is launching its AI chatbot across Europe, nearly a year after regulatory concerns forced the company to delay its rollout.

In a rush? Here are the quick facts:

  • Meta AI is launching across 41 European countries and 21 overseas territories.
  • The rollout follows a year-long delay due to European regulatory concerns.
  • The AI assistant will function only as a text-based chatbot in Europe.

The AI assistant, already available in the U.S., U.K., and India, will now be integrated into WhatsApp, Facebook, Instagram, and Messenger for users across 41 European countries and 21 overseas territories.

“It’s taken longer than we would have liked to get our AI technology into the hands of people in Europe as we continue to navigate its complex regulatory system – but we’re glad we’re finally here,” Meta said in a blog post on Thursday.

Meta AI was initially set to launch in Europe last year, but the Irish Data Protection Commission halted the rollout over concerns about the company’s plan to use Facebook and Instagram users’ data to train its language models, as noted by Euronews .

Its delayed launch comes amid mounting regulatory scrutiny. Recently, the Irish Data Protection Commission fined Meta €251 million for a 2018 data breach that compromised sensitive data from 29 million users , including 3 million in the EU.

To comply with regulators, Meta is launching a text-based version of its chatbot that does not rely on first-party EU user data.

For now, the chatbot will function as a virtual assistant, helping users brainstorm ideas, plan trips, and answer general questions using web-sourced information. It will also help users find content relevant to their interests on Instagram.

However, features available elsewhere—such as image generation and editing—will not be included in the European version at this time.

Meta says the AI will initially support six languages: English, French, Italian, Spanish, Portuguese, and German. The company plans to expand its capabilities and work toward “parity with the U.S.” over time.

Despite regulatory hurdles, Meta executives have expressed concerns over Europe’s approach to AI oversight. Joel Kaplan, the company’s head of global policy, recently stated that strict regulations are hindering Europe’s role in AI development, as reported by Euronews. He stressed the importance of fostering competitiveness and economic growth through open innovation and closer collaboration between the U.S. and Europe.

Meta’s AI assistant has already seen widespread adoption, with over 700 million monthly active users globally. The European launch marks the company’s largest expansion of the technology to date, as it continues its push to integrate AI across its platforms.

Meanwhile, Meta is also facing backlash over its AI-generated character profiles on Instagram and Facebook. The resurfacing of profiles from a 2023 experiment, including “Liv” and “Carter,” reignited concerns about AI’s role in social media.

Some users reported being unable to block the accounts, while critics questioned their design and potential misuse. Following public outcry, Meta confirmed it had deleted the AI profiles.