
Warning Issued For More Than 60 Million WordPress Users About “Backdoor Hack Attack”

More than 60 million people use WordPress software to run their websites. WordPress warned them of an ongoing “backdoor hack attack.” Here is the information WordPress website owners should have.

What Should You Know As A WordPress Website Owner?

The most famous WordPress website hacking campaign, which started in July 2019, has now shifted from redirecting web browsers to sites containing dodgy advertisements or other malicious software to something considerably more severe.

According to Mikey Veenstra, a researcher with the Defiant Threat Intelligence Team, “The campaign has added another script which attempts to install a backdoor into the target site by exploiting an administrator’s session.”

The Wordfence security blog posted a warning on August 30, in which Veenstra revealed that “a malicious JavaScript dropped into host websites to create a new user and with all administrator rights on the victim’s site. If a logged-in administrator is identified as viewing the infected page, it then goes on to make an AJAX call via jQuery, one that creates a rogue administrator account.”

“This AJAX call creates a user named “wpservices” with the email “[email protected]” and the password w0rdpr3ss,” Veenstra said, “with this user in place, the attacker is free to install further backdoors or perform other malicious activity.”
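One way to check a site for the rogue account described above, as an added example that is not code from Wordfence or from the original article: it audits the JSON printed by WP-CLI's `wp user list --role=administrator --format=json`. The allowlist, the baseline date and the sample records are assumptions constructed for illustration.

```python
import json
from datetime import datetime

# Indicator named in the article: login of the rogue administrator account.
IOC_LOGINS = {"wpservices"}

def audit_admins(wp_cli_json, known_admins, baseline):
    """Return (login, reason) findings for accounts holding the administrator role.

    wp_cli_json  -- output of `wp user list --role=administrator --format=json`
    known_admins -- logins the site owner expects to be administrators (assumption)
    baseline     -- datetime of the last reviewed, known-good state (assumption)
    """
    allow = {name.lower() for name in known_admins}
    findings = []
    for user in json.loads(wp_cli_json):
        login = user["user_login"].strip().lower()
        registered = datetime.strptime(user["user_registered"], "%Y-%m-%d %H:%M:%S")
        if login in IOC_LOGINS:
            findings.append((login, "matches campaign indicator"))
        elif login not in allow:
            findings.append((login, "administrator not on allowlist"))
        elif registered > baseline:
            # Same name as a trusted admin, but the account itself is new.
            findings.append((login, "allowlisted but registered after baseline"))
    return findings

# Constructed sample export; not data from a real site.
SAMPLE = json.dumps([
    {"ID": 1, "user_login": "alice", "user_registered": "2017-03-02 09:15:00",
     "roles": "administrator"},
    {"ID": 7, "user_login": "wpservices", "user_registered": "2019-08-29 22:41:10",
     "roles": "administrator"},
    {"ID": 8, "user_login": "support_team", "user_registered": "2019-08-30 01:02:03",
     "roles": "administrator"},
    {"ID": 9, "user_login": "bob", "user_registered": "2019-09-01 12:00:00",
     "roles": "administrator"},
])

def run_sample():
    # Baseline chosen before the campaign start date given in the article (July 2019).
    return audit_admins(SAMPLE, {"alice", "bob"}, datetime(2019, 7, 1))

if __name__ == "__main__":
    for login, reason in run_sample():
        print(f"REVIEW {login}: {reason}")
```

Any finding means the account should be reviewed by hand; a clean result does not prove the site is free of other backdoors.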


This Is How The Hacker Gets Access To Our Website

WordPress officially states that there are almost 55133 plugins available right now for WordPress. According to an Imperva report looking at web application vulnerabilities, just 3% of these were newly added during 2018. This means there are many plugins out there, likely still in use, that haven't been updated for a long time. In the report, Imperva revealed that “98% of WordPress vulnerabilities are related to plugins,” which makes the magnitude of the issue easy to understand.

In the meantime, Veenstra stated that the plugins currently under attack have been identified as follows:

All Former NicDark plugins (nd-booking, nd-travel, nd-learning)

If any of the plugins mentioned above is installed on your WordPress website, make sure the installed version is up to date. Most of the mentioned plugins have been patched. Veenstra warned that: “it’s reasonable to assume any unauthenticated XSS or options update vulnerabilities disclosed shortly will be quickly targeted by this threat actor.”

How Can I Protect My WordPress Website From Threats?

As Veenstra stated, “Checking your site for needed updates frequently to ensure you’re receiving the latest patches as they’re released.”

Again: “As always, updating the plugins and themes on your WordPress site is an excellent way of defense against campaigns like these.”

This precaution applies to all website owners who use the WordPress content management system to publish their content.

Ethical hacker John Opdenakker says that “it is best to combine several security layers of protection, so as well as those plugin update checks, he says, it’s certainly a good idea to use a web application firewall to help block cross-site scripting (XSS) attacks. I would add that two-factor authentication for admin access to the WordPress website isn’t optional these days; it’s a must-have.”

The information discussed in this article is not just for large sites; it applies to, and should be heeded by, small sites too. A criminal is always a criminal, and criminals always check small sites to use them for serving malicious advertisements, redirecting visitors to other malicious websites, or gaining complete control as part of a larger attack plan.