Dexter D

Harrison R

twitter

Maciej K

News

Your privacy is important to us. We promise to not send you spam!

Every week we share the most relevant news in tech, culture and entertainment.

Get the most talked about articles directly in your inbox


Antivirus vendor Dr. Web has reported that the Linux malware targets both 32-bit and 64-bit systems, allowing the
operator to have remote command capabilities. The primary function of the trojan is to hack into WordPress sites using
a series of hardcoded exploits until one of them is successful.

The following plugins and themes are known to be targeted:

-   WP Live Chat Support Plugin
-   WordPress – Yuzo Related Posts
-   Yellow Pencil Visual Theme Customizer Plugin
-   Easysmtp
-   WP GDPR Compliance Plugin
-   Newspaper Theme on WordPress Access Control (CVE-2016-10972)
-   Thim Core
-   Google Code Inserter
-   Total Donations Plugin
-   Post Custom Templates Lite
-   WP Quick Booking Manager
-   Faceboor Live Chat by Zotabox
-   Blog Designer WordPress Plugin
-   WordPress Ultimate FAQ (CVE-2019-17232 and CVE-2019-17233)
-   WP-Matomo Integration (WP-Piwik)
-   WordPress ND Shortcodes For Visual Composer
-   WP Live Chat
-   Coming Soon Page and Maintenance Mode
-   Hybrid
-   Brizy WordPress Plugin
-   FV Flowplayer Video Player
-   WooCommerce
-   WordPress Coming Soon Page
-   WordPress theme OneTone
-   Simple Fields WordPress Plugin
-   WordPress Delucks SEO plugin
-   Poll, Survey, Form & Quiz Maker by OpinionStage
-   Social Metrics Tracker
-   WPeMatico RSS Feed Fetcher
-   Rich Reviews plugin

If the targeted website has an outdated and vulnerable version of the above plugins or themes, the malware will
automatically fetch and inject malicious JavaScript from its command and control server into the website.

Infected pages can act as redirectors to locations chosen by the attacker, potentially being used in phishing, malware
distribution, and malvertising campaigns to evade detection and blocking. It is also possible that the operators of the
auto-injector are selling their services to other cybercriminals.

To defend against this threat, WordPress website admins should update to the latest versions of all themes and plugins
on their site, and replace any that are no longer being developed with supported alternatives. Using strong passwords
and enabling two-factor authentication can also help protect against brute-force attacks."


A recently discovered Linux malware has been discovered that uses vulnerabilities in outdated WordPress  plugins and themes to inject malicious JavaScript. The malware is known to exploit at least 30 different vulnerabilities.

News

Thousands of WordPress sites vulnerable by plugin backdoor

Follow us

Get the most talked about articles directly in your inbox