Hacker invaded Wyoming Medical Center
infosec

Hacker invaded Wyoming Medical Center

Hackers invaded Wyoming medical center systems forcing a hospital to cancel some surgeries, stop accepting ...
Read More
infosec

WeWork's WiFi network is leaking sensitive user information

WeWork WiFi vulnerabilities in the Manhattan-based company building which exposed sensitive company data, ...
Read More
infosec

Microsoft: The biggest risk for businesses is cyberattacks

According to a survey by Marsh and Microsoft, the biggest threat to businesses is cyberattacks. Nowadays,...
Read More
infosec

How to fix iOS 13 bugs in iPhone Mail app

If you have upgraded to iOS 13, then you may have discovered that the Mail app behaves a bit weird, which is ...
Read More
infosec

Check if your folders have malware with Windows Defender!

Windows comes with a free antivirus program, called Windows Defender, that offers continuous protection as well as the ability to ...
Read More
Latest Posts

WordPress Plugins: Hackers exploit vulnerabilities and attack

WordPress

According to researchers, its sites WordPess accept continuous attacks from the previous month, from hackers that they use administrator accounts. Vulnerabilities WordPress add-ons are used by hackers who "infuse" malicious JavaScript on their frontends sites of the victims. Through this, site visitors can be redirected to sites with malware. Many times payloads try to avoid being tracked by WAF and IDS software.

Researchers have been able to pinpoint the source of the attacks, identifying various web-connected IP addresses hosting providers. When the attacks became known, IP addresses stopped operating. Only one continued.

"This IP address is 104.130.139.134, a Rackspace server, which hosts several infringing sites. Researchers contacted Rackspace to inform them of suspicious activity.

Hackers have exploited known vulnerabilities in the following add-ons:

  • Bold Page Builder
  • Blog Designer
  • Live Chat with Facebook Messenger
  • Yuzo Related Posts
  • Visual CSS Style Editor
  • WP Live Chat Support
  • Form Lightbox
  • Hybrid Composer
  • All former NicDark plugins (nd-booking, nd-travel, nd-learning, et al.)

Initial research identified the injection of scripts that drove site visitors to malicious content.

However, the campaign has evolved and added an additional script aimed at installing a backdoor on the targeted site.

Researchers advise users to keep going updates add-ons to their WordPress site and get the latest patches released to counter such attacks.

According to researchers, the attacks move from server to client. At the same time, they are becoming more sneaky and harder to identify.

Publishers, platforms and brands need to think about what to do to prevent malicious activity. They should consider enhancing them cyber-security their programs. This will help to remove any malicious hacker from it network and will reduce the risk for the finalists users.

How useful was this post?

Average rating / 5. Vote count:

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by
Absent Mia

About Absent Mia

Being your self, in a world that constantly tries to change you, is your greatest achievement

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *