Tuesday, January 26, 07:01
Home security Large-scale hacking campaign targets WordPress sites

Large-scale hacking campaign targets WordPress sites


At the weekend, some hackers started mass attacks targeting WordPress sites. The attackers are taking advantage of old ones vulnerabilities into a uninformed plugins in order to steal configuration files from WordPress sites.

Taking advantage of these vulnerabilities allows you to download or export wp-config.php files from uninformed websites and export database credentials. Then the hackers can use usernames and passwords to take control of databases.

Ο Ram Gall, threat analyst in Wordfence, said last weekend's attack was huge compared to attacks and the campaigns the company observes on a daily basis.

Gall said that "this campaign represents 75% of all plugins and plugins in the WordPress ecosystem."


According to Gall, WordFence has blocked more than one 130 million attempted attacks only on its network. These attempts targeted more than 1,3 million WordPress websites. However, analysts believe that the attackers are targeting even more sites.

The Wordfence analyst said the attacks were carried out by one network 20.000 different IP addresses. Most of these IP addresses were also used in another similar large-scale campaign aimed at WordPress sites in early May.

During the first hacking campaign, the attackers had taken advantage XSS (cross-site scripting) vulnerabilities and had tried to introduce new administrators and backdoors to targeted sites.

The first campaign was also very large, as XSS attacks outperformed XSS attacks carried out by other hacking teams in the past (as shown in the diagram below).

Analyst Gall believes the two campaigns are coming most likely by themselves hackers, despite the fact that different vulnerabilities were used for the attacks.


Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!



COVID-19 vaccines: Ways to protect supply chains

The development of vaccines for COVID-19 in such a short period of time has created many challenges and these are not only related to ...

How do insurance companies "enhance" ransomware attacks?

Ransomware attacks have increased significantly, with experts warning that their victims should not pay ransom to hackers ....

Russia: "US may be planning retaliation for SolarWinds hack"!

The Russian government warns the country's organizations about possible cyber attacks that the US may carry out, as "retaliation" for the hack ...

iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...