WordPress administrators are being urged to ensure all of their plug-ins are up to date, after researchers detected a 30-fold increase in attack traffic targeting mainly cross-site scripting vulnerabilities.

The surge in malicious traffic over the past few weeks appeared to peak on May 3, when more than 20 million attacks were attempted against more than half a million individual sites, according to Wordfence’s Ram Gall.

Over the past month, the security vendor detected attacks on more than 900,000 sites, from over 24,000 different IP addresses, all from what appears to be the same malicious actor.

That’s because they’re all attempting to inject the same malicious JavaScript payload to insert a backdoor into the victim site and redirect visitors.

The attacks themselves seek to exploit several cross-site scripting vulnerabilities in the Easy2Map plug-in, the Blog Designer plug-in and the Newspaper theme. Also targeted are options-update vulnerabilities in the WP GDPR Compliance plug-in and the Total Donations plug-in.

However, Gall warned that the hacker behind these attacks is likely to pivot to other vulnerabilities in the future.

The JavaScript in question is designed to redirect visitors who are not logged in to a malvertising URL. If the visitor is logged in, it instead tries to inject a malicious PHP backdoor into the current theme’s header file, alongside further malicious JavaScript, with the aim of taking remote control of the site.
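A defender-side check for the two outcomes just described, as an added example that is not part of the original article or of Wordfence's tooling: it scans a theme header for script tags loading from hosts outside an allow-list, inline scripts that read cookies and rewrite the location, and PHP blocks calling typical obfuscation/execution functions. The allow-list, the `.test`/`.invalid` hostnames and both sample headers are constructed for this example.

```python
import re

# Heuristics for the two injection outcomes the article describes: an injected
# <script> pointing at an outside host (plus a cookie-gated redirect), and a PHP
# backdoor dropped into the theme's header.php. Patterns and samples are
# constructed for this example, not indicators from the reported campaign.
SCRIPT_TAG = re.compile(r"<script\b([^>]*)>(.*?)</script\s*>", re.IGNORECASE | re.DOTALL)
SRC_ATTR = re.compile(r'src\s*=\s*["\']?([^"\'\s>]+)', re.IGNORECASE)
URL_HOST = re.compile(r"(?:https?:)?//([^/]+)", re.IGNORECASE)
PHP_BLOCK = re.compile(r"<\?php(.*?)\?>", re.IGNORECASE | re.DOTALL)
PHP_SUSPECT = re.compile(
    r"\b(eval|assert|base64_decode|gzinflate|str_rot13|create_function)\s*\(", re.IGNORECASE)
JS_REDIRECT = re.compile(r"(?:window\.|document\.)?location(?:\.href)?\s*=", re.IGNORECASE)


def scan_header(text, allowed_hosts):
    """Return (finding, detail) tuples for one header.php body, in document order.
    A stronger check diffs the file against a pristine copy of the theme; this
    heuristic is for triage when no known-good copy is at hand."""
    allowed = {h.lower() for h in allowed_hosts}
    findings = []
    for attrs, body in SCRIPT_TAG.findall(text):
        src = SRC_ATTR.search(attrs)
        if src:
            host = URL_HOST.match(src.group(1))  # relative src (same origin) is skipped
            if host and host.group(1).lower() not in allowed:
                findings.append(("external_script", host.group(1).lower()))
        elif "cookie" in body.lower() and JS_REDIRECT.search(body):
            # Inline script that inspects cookies and rewrites the location matches the
            # "redirect only visitors who are not logged in" behaviour.
            findings.append(("conditional_redirect", body.strip()[:60]))
    for php in PHP_BLOCK.findall(text):
        for call in PHP_SUSPECT.findall(php):
            findings.append(("php_suspicious_call", call.lower()))
    return findings


# Constructed fixtures: a normal header, then the same header with injected content.
CLEAN_HEADER = """<!DOCTYPE html><html <?php language_attributes(); ?>>
<head><?php wp_head(); ?>
<script src="/wp-includes/js/jquery/jquery.js"></script>
<script src="https://cdn.example-shop.test/analytics.js"></script>
</head><body>"""
INFECTED_HEADER = CLEAN_HEADER + """
<script src="https://malvertising.invalid/loader.js"></script>
<script>if(document.cookie.indexOf("wordpress_logged_in")<0){window.location="https://malvertising.invalid/";}</script>
<?php @eval(base64_decode("SAMPLE_ENCODED_BLOB")); ?>"""

if __name__ == "__main__":
    for name, header in (("clean", CLEAN_HEADER), ("infected", INFECTED_HEADER)):
        print(name, scan_header(header, ["cdn.example-shop.test"]))
```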

“The most important thing you can do in a situation like this is to keep your plug-ins up-to-date, and to deactivate and delete any plug-ins that have been removed from the WordPress plug-in repository. The vast majority of these attacks are targeted at vulnerabilities that were patched months or years ago, and in plug-ins that don’t have a large number of users,” advised Gall.

“While we did not see any attacks that would be effective against the latest versions of any currently available plug-ins, running a web application firewall can also help protect your site against any vulnerabilities that might have not yet been patched.”

Source: https://www.infosecurity-magazine.com/news/wordpress-hacker-attacks-one/

World news – GB – WordPress Hacker Attacks One Million Sites in a Month
