Friday, 4 April 2025
26.2 C
Singapore
27.2 C
Thailand
20.1 C
Indonesia
26.9 C
Philippines

Over a million WordPress sites attacked by a hacker in a month

WordPress users are being asked to make sure that all their plug-ins are up-to-date after a 30-fold increase in attack traffic targeting majorly cross-site scripting vulnerabilities were detected by a researcher.  The surge in this malicious traffic over the last month peaked on May 3, 2020, when over 20 million attacks were attempted against over […]

WordPress users are being asked to make sure that all their plug-ins are up-to-date after a 30-fold increase in attack traffic targeting majorly cross-site scripting vulnerabilities were detected by a researcher. 

The surge in this malicious traffic over the last month peaked on May 3, 2020, when over 20 million attacks were attempted against over 500,000 individual sites, according to Ram Gall from Wordfence.

Over the past month, Wordfence, a security vendor, detected attacks on over 900,000 sites from more than 24,000 IP addresses, all of which appear to be from the same malicious hacker. That is because the attacker is attempting to inject a similar JavaScript payload to insert a backdoor into a victim website and redirect visitors.

The attacks seek to exploit a few cross-site scripting vulnerabilities in the Newspaper theme, Easy2Map plug-in, and the Blog Designer plug-in. It also targeted the WP GDPR Compliance plug-in as well as the Total Donations plug-in.

Gall warned that the hacker behind all this might be able to pivot other vulnerabilities in the future.

The JavaScript used to attack the sites is designed to redirect users who are not logged-in to a malvertising URL. If the users are logged-in, the JavaScript tries to inject a malicious backdoor into a user’s current theme’s header file alongside another JavaScript, aiming to take control of the site. 

“The most important thing you can do in a situation like this is to keep your plug-ins up-to-date and to deactivate and delete any plug-ins that have been removed from the WordPress plug-in repository. The vast majority of these attacks are targeted at vulnerabilities that were patched months or years ago, and in plug-ins that don’t have a large number of users,” Gall advised.

“While we did not see any attacks that would be effective against the latest versions of any currently available plug-ins, running a web application firewall can also help protect your site against any vulnerabilities that might have not yet been patched,” he added.

Hot this week

Krafton strengthens presence in India with Nautilus Mobile acquisition

Krafton acquires a controlling stake in Indian gaming studio Nautilus Mobile for US$14M, strengthening its foothold in Indiaโ€™s growing gaming market.

Elon Muskโ€™s xAI acquires X for US$33 billion in an all-stock deal

Elon Muskโ€™s xAI acquires X in a US$33 billion all-stock deal, merging AI with social media for smarter user experiences.

Huawei reports 38% revenue surge as smartphone sales soar

Despite US sanctions, Huaweiโ€™s consumer business revenue surged 38% in 2024, driven by strong smartphone sales and home-grown chip production.

These robot vacuums are getting smarter with Apple Home support

Appleโ€™s iOS 18.4 update adds Matter support for robot vacuums, enabling control via Apple Home. Roborock, iRobot, and Ecovacs are updating their devices.

NUS partners with Microsoft Research Asia to advance AI research and nurture future tech talent

NUS and Microsoft Research Asia partner to boost AI research and develop future computing talent through a joint PhD and industry collaboration.

Spotify introduces AI-powered ads and programmatic ad buying

Spotify unveils AI-powered ads and the Spotify Ad Exchange, making it easier for advertisers to reach Gen Z listeners with real-time bidding.

YouTube expands shopping affiliate programme in Singapore through Shopee partnership

YouTube teams up with Shopee to launch its Shopping affiliate programme in Singapore, giving creators new ways to monetise their content.

Misconceptions about STEM careers continue to deter young women in Singapore

New research shows stereotypes and lack of support are deterring young women from STEM careers, posing a risk to Singaporeโ€™s innovation goals.

Synagie and HKT launch ShopHK to help Hong Kong brands expand into Southeast Asia

Synagie and HKT launch ShopHK, helping Hong Kong SMEs tap into Southeast Asia's booming US$600 billion e-commerce market.

Related Articles