One of the first content management systems that comes to mind when it comes to creating and editing a site is WordPress. The fact that WordPress is a free and easy-to-understand personal publishing system is one of the main reasons it’s so popular with bloggers and amateur websites in particular.
If you’ve visited a website recently and were unexpectedly redirected to pages full of “resources” or unwanted advertisements, it could mean one of two things: the site in question was most likely either built with WordPress or it has been hacked. According to a new study, WordPress themes and plugins with known security vulnerabilities are being targeted by hackers.
Hackers attacked 6,000 sites in the past month alone
Researchers at Sucuri, a GoDaddy-owned security provider, warn that hackers are exploiting known vulnerabilities to inject malicious scripts into WordPress themes and plugins. Sucuri identified 322 WordPress sites running plugins and themes affected by the new exploit, but its researchers also point out that the actual number of websites hit by the attack is probably much higher.
Sucuri malware analyst Krasimir Konov reports that in April alone, hackers attacked around 6,000 sites using this tactic. According to Konov, the intrusions were noticed while investigating WordPress sites whose owners had complained about unwanted redirects; the files and databases of all of these sites contained hidden malicious JavaScript. This JavaScript redirects users to phishing pages and pages containing malware, and Konov adds that users often do not realize they are in a dangerous situation, because the landing page they are redirected to looks quite innocent.
In a statement on the subject, Konov said, “This page tricks unsuspecting users into subscribing to push notifications from the malicious site. If users click on the fake CAPTCHA, they choose to receive unwanted ads even when the site is not open, and the ads appear to come from the operating system and not from a browser.”
Worse still, Konov underlines that push-notification opt-in maneuvers of this kind are among the methods hackers most frequently use to set up tech support scams. This scam involves windows that pop up out of the blue, claiming that your device is infected with a virus and that you need to call a phone number to fix the problem.
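The redirect injection described above leaves traces in exactly the places Sucuri looked: theme and plugin files and database rows. As an added illustration (not code from the article or from Sucuri), the following script scans a constructed set of such artifacts for `<script src>` tags and JavaScript location assignments that point at hosts outside an assumed allowlist; the file paths, row labels and hostnames are all placeholders.

```python
import re
from urllib.parse import urlparse

# Hosts this site legitimately loads scripts from (assumed allowlist, constructed for the example).
TRUSTED_HOSTS = {"example-site.test", "cdnjs.cloudflare.com"}

# The two forms the injected redirect code takes: an external <script src="..."> tag,
# or an inline JavaScript assignment to the page location.
SCRIPT_SRC = re.compile(r"<script[^>]+src=[\"']([^\"']+)[\"']", re.I)
REDIRECT = re.compile(
    r"(?:window\.location|location\.href|top\.location)\s*=\s*[\"']([^\"']+)[\"']", re.I
)

def find_injections(name, content):
    """Return (artifact, kind, host) for every script or redirect that points off-site.
    Relative URLs have no hostname and are treated as same-origin, so they are skipped."""
    findings = []
    for kind, pattern in (("external script", SCRIPT_SRC), ("redirect", REDIRECT)):
        for match in pattern.finditer(content):
            host = urlparse(match.group(1)).hostname
            if host and host not in TRUSTED_HOSTS:
                findings.append((name, kind, host))
    return findings

def scan(artifacts):
    """artifacts maps a theme/plugin file path or a database row label to its content."""
    results = []
    for name, content in artifacts.items():
        results.extend(find_injections(name, content))
    return results

# Constructed sample: two theme files plus two database rows; the hostnames are placeholders.
SAMPLE = {
    "wp-content/themes/demo/footer.php": (
        "<script src='https://cdnjs.cloudflare.com/lib.js'></script></body></html>"
    ),
    "wp-content/themes/demo/header.php": (
        '<?php wp_head(); ?><script src="https://malicious.example/inject.js"></script>'
    ),
    "wp_options:widget_text": (
        "<div>Welcome</div><script>window.location='https://fake-captcha.example/sub';</script>"
    ),
    "wp_posts:12": "<p>Nothing injected here.</p>",
}

if __name__ == "__main__":
    for artifact, kind, host in scan(SAMPLE):
        print(f"{artifact}: {kind} -> {host}")
```

In practice the artifact map would be built by walking `wp-content` and dumping `wp_options` and `wp_posts`, and every flagged host would be checked against the site's own records before being treated as an injection.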
WordPress states that plugins and themes are regularly scanned
Speaking to Gizmodo, WordPress.com noted that plugins and themes are written independently and are not part of the core WordPress software. Regarding Sucuri’s report, the company states that all plugins and themes on WordPress.org are “regularly scanned for security vulnerabilities”.
“If security issues are detected, plugin and theme authors are notified immediately. According to Sucuri’s report, any unpatched plugin is either down or not hosted on WordPress.org. WordPress.org also provides security-related resources to both theme developers and plugin developers,” a WordPress.com spokesperson said, adding that WordPress notifies its users and encourages them to update the core software, plugins, and themes by default.