Hackers Are Exploiting WordPress Tools to Hawk Scams | TechBuzz

- Advertisement -

Photo shows a magnifying glass over a screen with computer code.

Thousands of WordPress sites have been hacked via known vulnerabilities in recent months, according to security firm Sucuri.
Photo: Jack Guez/AFP (Getty Images)

- Advertisement -

If you’ve visited a website in recent days and been randomly redirected to the same pages with sketchy “resources” or unwanted ads, it’s likely the site in question was 1) built with WordPress tools and 2) hacked.

Researchers at Sucuri, a security provider owned by GoDaddy, revealed on Wednesday that the hackers behind a months-long campaign focused on injecting malicious scripts into WordPress themes and plugins with known security holes were at work yet again.

It’s important to note that these hacks are related to themes and plugins built by thousands of third-party developers using the open source WordPress software, not WordPress.com, which offers hosting and tools to build websites. Automattic, WordPress.com’s parent company, is a major contributor to the software but does not own it.

- Advertisement -

According to Sucuri, there are 322 WordPress sites with plugins and themes that have been affected by this new exploit, although the “actual number of impacted websites is likely much higher.”

In April alone, hackers used this tactic to infect nearly 6,000 sites, Sucuri malware analyst Krasimir Konov stated.

Sucuri noticed the hackers’ intrusions this past Monday while investigating WordPress sites that complained of unwanted redirects. All of the websites shared a common issue, Konov explained; they contained a malicious JavaScript hidden in their files and databases.

The JavaScript creates redirects that lead users to a range of poisoned apples, including phishing pages and malware, the researcher explained. Worst of all, visitors might not even notice they’re going down the internet’s version of a dark and dangerous alley, as the redirect landing page looks fairly innocent.

“This page tricks unsuspecting users into subscribing to push notifications from the malicious site. If they click on the fake CAPTCHA, they’ll be opted in to receive unwanted ads even when the site isn’t open — and ads will look like they come from the operating system, not from a browser,” Konov wrote.

If that weren’t bad enough, Konov said that opt-in manuevers for push notifications are one of the most common ways hackers can run tech support scams. These consist of the annoying windows that pop up out of nowhere to tell you that your computer is infected and that you should call a phone number to get it fixed. Do not do this. The Federal Trade Commission, which is an expert in detecting scams, helpfully points out that real security messages and warnings will not ask you to call a phone number to get tech help.

WordPress.com on Thursday told Gizmodo that plugins and themes are independently written and maintained outside of the core WordPress software. In regards to Sucuri’s report, the company said that any plugin or theme hosted on WordPress.org, the website for the software, “is regularly scanned for vulnerabilities.”

“If security issues are identified, plugin and theme authors are notified immediately. Specific to Sucuri’s report, any plugin that wasn’t patched was either closed or not hosted on WordPress.org. WordPress.org also provides resources on security to both theme developers and plugin developers,” a spokesperson for WordPress.com said. “For self-hosted sites, WordPress users are notified and encouraged to update core software, plugins and themes by default.”

Sites hosted on WordPress.com are also offered services that address vulnerabilities like those referenced in the report, the spokesperson added.


Source link

- Advertisement -
I am admin of techbuzz.asia blog & I provide tech-related news. As a part of my hobby, I make content related to technology and gadgets reviews too. I love to be a content creator apart from it, I am a full-time employee in an MNC company and manage blogs systematically. You can mail me at [email protected]

More from author

Related posts


Latest posts

Lidl now sells an accessory that every new cell phone owner needs at a lower price | TechBuzz

Most new smartphones no longer come with a power adapter. (Image source: GIGA) Anyone who buys a new smartphone could be in for a...

Apple’s electric car: Inspired by Hyundai, Nissan and Co. | TechBuzz

The Apple Car is currently only available in the iPhone manufacturer's development studios. So we can't get an immediate impression of it yet....

Data Auction: New Apple Video Illustrates Data Security | TechBuzz

data auction, is the title of a new Apple video. A lively short story illustrates Apple's data security. The cinematically produced clip went on...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!