Welcome to WebmasterWorld Guest from 54.158.21.160

Forum Moderators: rogerd & travelin cat

Message Too Old, No Replies

Report: New Malware Campaign Targeting Vulnerable WordPress Plugins

Potential Google penatly

     
2:38 pm on Sep 18, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:24529
votes: 577


This looks a worrying development just getting under way, and as ever, the advice is make sure you have kept your WordPress files and plugins updated, or potentially, suffer from infecting users and their wrath, and immediately getting a Google penalty.

We are seeing a large number of WordPress sites compromised with the “visitorTracker_isMob” malware code. This campaign started 15 days ago, but only in the last few days have we started to see it gain traction; really affecting a large number of sites. Report: New Malware Campaign Targeting Vulnerable WordPress Plugins [blog.sucuri.net]
We detected thousands of sites compromised with this malware just today and 95% of them are using WordPress. We do not have a specific entry point determined yet, but it seems to be a campaign targeting latest vulnerabilities in plugins. Out of all the sites we detected to be compromised, 17% of them already got blacklisted by Google and other popular blacklists.
7:32 pm on Sept 19, 2015 (gmt 0)

Administrator from US 

WebmasterWorld Administrator not2easy is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2006
posts:3451
votes: 181


If people are not sure about which plugins are vulnerable - not specifically for this particular malware but for any vulnerability issues - you can look up the plugins you are concerned about at the WP security scan site: [wpvulndb.com...]
7:43 pm on Sept 19, 2015 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


WordPress..the more you add to it..the weaker it gets..
7:44 pm on Sept 19, 2015 (gmt 0)

Senior Member

WebmasterWorld Senior Member bwnbwn is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 25, 2005
posts:3547
votes: 19


well hell not2easy there looks to be 1600 of them and a large amount have been added recently. Looks like there is going to be a big wordpress wacking. This is exactly why I don't have use for wordpress just to much crap associated with using this CMS.
And Leosghost the slower it gets.
8:02 pm on Sept 19, 2015 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


The amazing thing is how many sites that use it , don't need to use either it or the add ons, they are small enough not to need a CMS, they use no comments, would be fine as just flat files ..
9:10 pm on Sept 19, 2015 (gmt 0)

Administrator from US 

WebmasterWorld Administrator not2easy is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2006
posts:3451
votes: 181


The amazing thing is how many sites that use it , don't need to use either it or the add ons, they are small enough not to need a CMS, they use no comments, would be fine as just flat files ..
Ahh, but that would require some learning.

WP itself is not the target (other than login attempts) and with a few basic settings and edits, it can be secure. It is the bells and whistles plugins that people add to their poorly secured installs that make that list so long. Many plugins only perform some cosmetic task that could be easily assigned to css. The number of people who don't get rid of the Admin as a privileged user is surprising as is the use of 'password' because it is easy to remember. No kidding. Some very simple and basic security steps are being skipped over. I am happy to see that WP has decided to make information widely available.
10:07 pm on Sept 19, 2015 (gmt 0)

Senior Member from FR 

WebmasterWorld Senior Member leosghost is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 15, 2004
posts:6717
votes: 230


Many plugins only perform some cosmetic task that could be easily assigned to css.

Yes..f'rinstance.."slide shows"..easily done, even "responsive" in pure CSS..or js and CSS for "older browsers".. the things on that list of plugins that could be done in a less ( or not at all ) vulnerable way..and I only looked at the first 10 pages..and then there is that when WP "update" the base or some plugin updates and affects others..it can all break and or become even more vulnerable..Oy!

Trouble magnet it is..