Malware Attacks Target WordPress Sites - Tech Critic

Malware Attacks Target WordPress Sites

In Technology by Mo IqbalLeave a Comment

Share this Post

Securing Site Should Be a Priority for All

Malware Attacks Target WordPress Sites - Tech CriticThe digital landscape continues to change and evolve with each passing day. The advancements in technology have drastically altered how the internet functions and how users interact with this digital frontier. There are virtually endless possibilities when using the internet. It has helped millions and millions of people connect with people thousands of miles apart. You can make purchases, handle your finances, share your views on the world, and so much more. However, as with all new technologies, there are security issues that always present themselves.

Cyberattacks have become a common threat to everyone using the internet, which all must be conscious of. Computer security should be a priority for everyone when surfing the internet. However, there are individuals who continue to attack the security and privacy of millions online. In recent events, a sudden surge of WordPress attacks was discovered by WordPress’s threat intelligence team at the end of April 2020. Within just a few days, these attacks progressed to about 30 times greater than in the initial attack data.

This most recent attack on WordPress is just another in a long line of cyberattacks and breaches in security. Now more than ever, businesses and individuals alike must prioritize their security online to ensure that their business or private details are not stolen or corrupted. Tech Critic understands the importance of securing your site against malware and attacks like this by ensuring your site is up to date and using daily backups. If you want to ensure that your site is secure, contact Tech Critic today.

WordPress Attacks

As we mentioned previously, the WordPress threat intelligence team discovered a sudden increase in WordPress XSS Attacks, or cross-site scripting, attacks. Attackers inserted malicious code into the scripting language of a vulnerable site, with the purpose of stealing the identity data of the user, such as cookies, session tokens, and other information.

Countless blogs use WordPress as the base structure for their websites. Unfortunately, their sites and privacy are under attack. This platform is being attacked by a botnet that utilizes nearly 90,000 IP addresses, which use brute force to guess the administrator password of several facilities.

The intelligence team was able to identify malicious JavaScript as the main threat responsible for most of these attacks. This JavaScript attempts to inject the payload, which would create a backdoor in WordPress theme’s header, using the administrator’s session. It would then redirect visitors elsewhere. Additionally, the team also discovered that the site’s home URL could be changed, which would send visitors to a malware site.

Many suspect that even more sites may experience these attacks and WordPress vulnerabilities, thanks in large part due to the number of targeted websites. On May 3, nearly half a million individual websites reported being a target of nearly 20 million attacks, which is an exponential increase in just a few short days. Furthermore, over 900,000 sites received requests from over 24,000 IP addresses that all match these attacks. Attacks of this nature often tend to spread and get out of hand quickly, especially if you do not properly secure your website.

Other Attacks

This is not the first time WordPress plugins have been the focus of malware attacks. The platform has had its hands full in the past, dealing with certain attacks. Other popular targets include:

  • An XSS vulnerability was discovered in the Easy2Map plugin. Eventually, WordPress removed the plugin in August 2019, but it was already in about 3,000 sites, which made up over half the attacks.
  • Also, in 2019, a vulnerability in Blog Designer emerged and became a target in the previous campaign. While a team managed to patch it in 2019, there are still up to 1,000 vulnerable installations remaining.
  • Using WP GDPR Compliance, an attacker was capable of changing a site’s URL, alongside other options in this update option. A team patched it in 2018, and less than 5,000 installations remain after an estimated 100,000 installations.
  • Similarly, an attacker was able to change a site’s URL in this update vulnerability in Total Donations. Again, this vulnerability was removed in 2019, and just under 1,000 installations are remaining.
  • An XSS vulnerability in the Newspaper theme emerged and became a target. It was eventually patched in 2016.

As you can see, attacks like this most recent one are far from new. Attackers continue to look for ways to exploit platforms and websites to breach security and steal or corrupt private information. Even though in many instances, individuals are able to patch or remove these vulnerabilities before they reach too many sites, countless individuals and sites have their security breached.

Far too many people believe that attacks like this cannot happen to them. However, as we have shown, cyberattacks of this variety happen often, taking advantage of countless vulnerabilities across thousands of sites and platforms, compromising the integrity of millions.

Securing Your Site

Every year, we see a wave of cyberattacks across a variety of platforms and websites. There are groups of attackers that deliberately seek out vulnerabilities, such as those most recently attacked across WordPress. Regardless if your platform is big or small, these attacks do not discriminate. All websites are at risk when it comes to malware. That is why it is crucial to secure your website.

Tech Critic understands the dangers and potential risks of cyberattacks. We also understand how important protecting your privacy and information is. That is why we want to help to ensure your website is secure from attacks such as these. By keeping your site up to date and implementing daily backups, we can secure your site from malware like this. If you would like to secure your website and make sure your information is better protected, contact Tech Critic and let us help.

Leave a Comment


+ 8 = 12