WordPress Sites Targeted by Malware and Backdoors, Thousands Compromised

October 12, 2023 at 09:16 AM

•

1 min read

WordPress Sites Targeted by Malware and Backdoors, Thousands Compromised — Photo: The Hacker News

TL;DR Summary

Researchers have discovered a sophisticated strain of malware that disguises itself as a WordPress caching plugin, allowing it to create administrator accounts and gain remote control over compromised websites. The malware includes various functions such as pinging to check if it is still operational, file modification capabilities, and the ability to activate and deactivate plugins remotely. It can also create rogue admin accounts and alter posts and page content, injecting spam links or buttons. The malware aims to monetize victim sites while compromising SEO rankings and user privacy. The exact scale of the attacks and the initial intrusion vector are currently unknown.

Topics:technology #cyberattacks #cybersecurity #malware #rogue-plugin #website-security #wordpress

Share this article

Researchers Uncover Malware Posing as WordPress Caching Plugin The Hacker News
New WordPress backdoor creates rogue admin to hijack websites BleepingComputer
Backdoor Lurks Behind WordPress Caching Plugin to Hijack Websites DARKReading
Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023 The Hacker News
Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability Ars Technica
View Full Coverage on Google News

Reading Insights

Total Reads

Unique Readers

Time Saved

1 min

vs 2 min read

Condensed

69%

327 → 102 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights