Saturday, September 26, 15:41

WordPress: Massive attack on 900.000 websites

Hackers have WordPress in their sights, with a new mass attack against more than 900.000 websites.

The attacks appear to be the work of a single hacker, who in the past month has used at least 24.000 IP addresses to push malware onto more than 900.000 websites.


The campaign intensified after April 28: on May 3, WordPress security company Defiant, maker of the Wordfence security plugin, detected more than 20 million attacks against more than 500.000 websites.

Defiant's QA chief Ram Gall said the hacker has focused mainly on exploiting cross-site scripting (XSS) vulnerabilities in plugins that were patched in the past and that have already been targeted in other attacks.

The main goal of the attack is to redirect visitors to malicious ads. If a logged-in user's browser runs the injected JavaScript, the code tries to plant a PHP backdoor in the header file, along with a second JavaScript payload. The backdoor then fetches another payload, saves it to the header file and tries to execute it. This lets the hacker swap the payload for a webshell, code that creates a malicious administrator account, or code that deletes the contents of an entire site. In its announcement, Defiant published indicators of compromise for the final payload.

According to Gall, these are the vulnerabilities that appear to be targeted most; the plugins involved have all either been removed or patched in the past.

  1. An XSS vulnerability in the Easy2Map plugin, which was removed from the WordPress plugin repository in August 2019 and is estimated to be installed on fewer than 3.000 websites.
  2. An options-update vulnerability in WP GDPR Compliance, which among other things allowed intruders to change the site's URL; it was fixed in late 2018. Although the plugin has more than 100.000 installations, it is estimated that no more than 5.000 websites remain vulnerable.
  3. An XSS vulnerability in Blog Designer, fixed in 2019. Fewer than 1.000 vulnerable installations are estimated to remain, although this vulnerability has been the target of previous hacking campaigns.
  4. An options-update vulnerability in Total Donations that allows hackers to change the URL of the site's homepage. The plugin was permanently removed from the Envato Marketplace in early 2019, and fewer than 1.000 installations are estimated to remain.
  5. An XSS vulnerability in the Newspaper theme, fixed in 2016. This vulnerability has also been targeted in the past.
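As an added example, not from the article or from Defiant/Wordfence, here is a small Python audit script a site owner could run offline against a WordPress install. It looks for the plugin and theme directories named in the list above (the directory slugs are assumed) and scans every theme's header.php for the two things the attack chain described above leaves behind: a script tag loading from an unexpected external host, and a PHP eval/base64 stub. The sample files it builds are constructed for the demo and are not indicators published by Defiant.

```python
"""Added example (not from the article or from Defiant/Wordfence): an
offline audit of a WordPress tree for (1) the old plugins/theme named in
the campaign and (2) theme header files carrying an injected script tag
or a PHP backdoor stub. Slugs, patterns and sample files are assumed or
constructed for the demo."""
import os
import re
import tempfile

# Plugin/theme slugs as named in the article (directory names assumed).
FLAGGED_PLUGINS = {
    "easy2map": "Easy2Map (XSS, removed from WordPress.org in Aug 2019)",
    "wp-gdpr-compliance": "WP GDPR Compliance (options update, fixed late 2018)",
    "blog-designer": "Blog Designer (XSS, fixed 2019)",
    "total-donations": "Total Donations (options update, removed early 2019)",
}
FLAGGED_THEMES = {"newspaper": "Newspaper theme (XSS, fixed 2016)"}

# Generic indicators of code injected into header.php: a script tag that
# loads from an external host, or a PHP stub that evaluates decoded or
# remotely fetched content / rewrites the header file itself.
SCRIPT_RE = re.compile(r"<script[^>]+src=['\"]https?://([^/'\"]+)", re.I)
PHP_STUB_RE = re.compile(
    r"eval\s*\(\s*(base64_decode|gzinflate|str_rot13|file_get_contents|curl_exec)"
    r"|file_put_contents\s*\([^)]*header\.php",
    re.I,
)


def audit_plugins(wp_root):
    """Return findings for flagged plugin/theme directories under wp_root."""
    findings = []
    plugins = os.path.join(wp_root, "wp-content", "plugins")
    themes = os.path.join(wp_root, "wp-content", "themes")
    for slug, desc in FLAGGED_PLUGINS.items():
        if os.path.isdir(os.path.join(plugins, slug)):
            findings.append(f"plugin {slug}: {desc}")
    for slug, desc in FLAGGED_THEMES.items():
        if os.path.isdir(os.path.join(themes, slug)):
            findings.append(f"theme {slug}: {desc}")
    return findings


def scan_header(path, allowed_hosts=()):
    """Return indicator hits for one header.php: external script hosts not
    on the allow-list, then any PHP eval/write stubs."""
    hits = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        text = fh.read()
    for m in SCRIPT_RE.finditer(text):
        host = m.group(1).lower()
        if host not in allowed_hosts:
            hits.append(f"external script from {host}")
    for m in PHP_STUB_RE.finditer(text):
        hits.append(f"php stub: {m.group(0).strip()}")
    return hits


def audit_site(wp_root, allowed_hosts=()):
    """Combine plugin findings with a scan of every theme's header.php."""
    report = {"plugins": audit_plugins(wp_root), "headers": {}}
    themes = os.path.join(wp_root, "wp-content", "themes")
    if os.path.isdir(themes):
        for theme in sorted(os.listdir(themes)):
            header = os.path.join(themes, theme, "header.php")
            if os.path.isfile(header):
                hits = scan_header(header, allowed_hosts)
                if hits:
                    report["headers"][theme] = hits
    return report


# Constructed sample headers: one clean, one carrying an eval stub plus a
# script tag pointing at an attacker-controlled host (.invalid TLD).
CLEAN_HEADER = "<?php wp_head(); ?>\n<script src='https://example.org/app.js'></script>\n"
INFECTED_HEADER = (
    "<?php @eval(base64_decode('PLACEHOLDER')); ?>\n"
    "<script type='text/javascript' src='https://attacker.invalid/track.js'></script>\n"
    "<?php wp_head(); ?>\n"
)


def build_demo_site():
    """Create a throwaway WordPress-like tree with one flagged plugin and
    one infected theme; return its root path."""
    root = tempfile.mkdtemp(prefix="wpdemo_")
    for d in ("wp-content/plugins/blog-designer", "wp-content/plugins/akismet",
              "wp-content/themes/clean-theme", "wp-content/themes/newspaper"):
        os.makedirs(os.path.join(root, d))
    with open(os.path.join(root, "wp-content/themes/clean-theme/header.php"), "w") as fh:
        fh.write(CLEAN_HEADER)
    with open(os.path.join(root, "wp-content/themes/newspaper/header.php"), "w") as fh:
        fh.write(INFECTED_HEADER)
    return root


if __name__ == "__main__":
    report = audit_site(build_demo_site(), allowed_hosts=("example.org",))
    for line in report["plugins"]:
        print("FLAGGED", line)
    for theme, hits in report["headers"].items():
        print("HEADER", theme, hits)
```

Run it against a real install by passing the site root and the hosts your theme legitimately loads scripts from; anything else in the report is worth a manual look, and a flagged plugin should be removed or updated regardless of whether the header scan is clean.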
