By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Malware Reigned Supreme In 2012
    12 months ago
    BEWARE THE THINGBOT!
    12 months ago
    Is your PC a part of botnet? Check it!
    12 months ago
    Latest News
    Beware of scammers! Dangerous apps in the App Store
    2 days ago
    How To Limit Login Attempts on WordPress (+ Should You?)
    3 days ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (September 18, 2023 to September 24, 2023)
    3 days ago
    Two privilege escalation vulnerability in Simple Membership Plugin
    4 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    For 0-day vulnerabilities in Windows, temporary patches
    12 months ago
    Windows 11 22H2 (build 22621.317) outs in the Release Preview Channel
    12 months ago
    How to avoid problems installing Windows 11 22H2
    12 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    8 months ago
    Now you can speed up any video in your browser
    8 months ago
    How to restore access to a file after EFS or view it on another computer?
    8 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    9 months ago
  • How To
    How ToShow More
    Detecting zero-days before zero-day
    Detecting zero-days before zero-day
    21 hours ago
    See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
    See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
    21 hours ago
    Network performance update: Birthday Week 2023
    Network performance update: Birthday Week 2023
    21 hours ago
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    2 days ago
    Privacy-preserving measurement and machine learning
    Privacy-preserving measurement and machine learning
    2 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    How to use Yandex.Alice and Google Assistant on Android at the same time?
    12 months ago
    3 online services for online video processing
    12 months ago
    How to search for information like a pro. Part 1
    12 months ago
    Latest News
    How to enable extensions for Google Bard AI
    2 days ago
    Window 11 Copilot: 10 Best tips and tricks
    2 days ago
    How to create AI images with Cocreator on Paint for Windows 11
    3 days ago
    How to install September 2023 update with 23H2 features for Windows 11
    4 days ago
  • Glossary
  • My Bookmarks
Reading: Hackers hit 900,000 WordPress sites in a week
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

Hackers hit 900,000 WordPress sites in a week

Tom Grant
Last updated: 13 October
Tom Grant 3 years ago
Share
3 Min Read

Wordfence specialists noticed that a hack group launched a massive campaign against WordPress sites. Using various known vulnerabilities, attackers attempted to attack almost a million resources over the past week.

The attacks began on April 28, 2020 and resulted in a thirtyfold increase in the volume of malicious traffic monitored by the company. The group uses over 24,000 different IP addresses to attack and has already attempted to hack over 900,000 WordPress sites. The attacks reached their peak last Sunday, May 3, 2020, when hackers made over 20,000,000 attempts to break into 500,000 different domains.

Researchers write that the grouping mainly relies on exploiting various XSS vulnerabilities and using them to inject malicious JavaScript code into websites, and then redirect incoming resource traffic to malicious websites . The malware used by the attackers also checks if the visitor is logged in as an administrator in order to try to automatically create a backdoor using his account.

Wordfence says that attackers use the following vulnerabilities in their campaign:

  • XSS vulnerability in plugin Easy2Map which was removed from the WordPress repository back in August 2019. Attempts to exploit this vulnerability account for more than half of the total number of attacks, although the plugin is installed on less than 3000 sites;
  • XSS vulnerability in the plugin Blog Designer which was fixed in 2019. This plugin is used by approximately 1000 resources, but this vulnerability has already been exploited by other malicious campaigns;

  • Plugin bug WP GDPR Compliance, revised at the end of 2018. Other than other, the problem allowed attackers to change the home URL of the site. Although this plugin has more than 100,000 installations, analysts estimate that only 5,000 of them are currently vulnerable.

  • Vulnerability in plugin Total Donations, which allows you to change the site's home URL. This plugin was removed from the Envato Marketplace in early 2019 and currently has less than 1,000 live installs.

    XSS Vulnerability in the topic Newspaper which has been fixed way back in 2016. In the past this problem was also exploited by hackers.

Also, according to Wordfence experts, in the future attacks, the group can develop new exploits and expand its arsenal, which will entail attacks on other vulnerabilities.


Source: xaker.ru

Translate this article

TAGGED: Malware, PoC, Vulnerabilities, WordPress
Tom Grant October 13, 2022 September 30, 2020
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Detecting zero-days before zero-day
Detecting zero-days before zero-day
Apps 21 hours ago
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Apps 21 hours ago
Network performance update: Birthday Week 2023
Network performance update: Birthday Week 2023
Apps 21 hours ago
Cloudflare now uses post-quantum cryptography to talk to your origin server
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps 2 days ago
Privacy-preserving measurement and machine learning
Privacy-preserving measurement and machine learning
Apps 2 days ago

You Might Also Like

Detecting zero-days before zero-day
Apps

Detecting zero-days before zero-day

21 hours ago
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Apps

See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan

21 hours ago
Threats

Beware of scammers! Dangerous apps in the App Store

2 days ago
How To Limit Login Attempts on WordPress (+ Should You?)
Wordpress Threats

How To Limit Login Attempts on WordPress (+ Should You?)

3 days ago
Show More

Related stories

How to upgrade to Windows 11 23H2 with Installation Assistant
How to install September 2023 update with 23H2 features for Windows 11
How to get the latest Windows 11 innovations
How to blur image background in Photos for Windows 11
How to download official Windows 11 23H2 ISO file
PHP Object Injection Vulnerability in Flatsome Theme

10 New Stories

Encrypted Client Hello – the last puzzle piece to privacy
Beware of scammers! Dangerous apps in the App Store
How to enable extensions for Google Bard AI
Reminder: Enable two-factor authentication wherever you have it. This business
​​Know exactly when your data is transferred to GoogleIn a world where our data is permanent
​​Fake correspondence with the iPhone interfaceIn a world where digital communication is
Previous Next
Hot News
Detecting zero-days before zero-day
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Network performance update: Birthday Week 2023
Cloudflare now uses post-quantum cryptography to talk to your origin server
Privacy-preserving measurement and machine learning
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?