WordPress Hackers Hit 900,000 Sites in a Week

Do repost and rate:

A new wave of hacks has struck nearly a million WordPress websites in a single week in late April and early May.

For months now, news of WordPress websites being flawed or targeted by attacks has been making headlines. Last week, however, an attack that dwarfed all others took place.

900,000 WordPress Websites Hit

According to recent reports, the new attacks were suspected to be a result of a single cybercrime group. The attacks lasted for approximately seven days and affected upwards of 900,000 sites.

Wordfence reported that the band of hackers conducted a week-long attack that caused a massive surge in bad traffic.

The attacks started on April 28 and reached a peak on May 3. Originally, the attackers attempted to exploit flaws found in XSS (cross-site scripting). Their goal was to install malicious JavaScript code in order to redirect new incoming traffic to other websites that contained malware.

They also hit vulnerable plugins, while some attacks revolved around breaching WordPress sites through scamsIt's no secret that the realm of Bitcoin and cryptocurrency are still in a bit of a "Wild West" phase.... More and malicious plugins.

New Attacks may be Coming

The attacks are certainly sophisticated enough, and Wordfence suspects that the attackers may even develop new exploits. That way, they could try to take advantage of other flaws and vulnerabilities that have yet to emerge.

Meanwhile, anyone who owns a WordPress website is advised to take necessary precautions as soon as possible. That includes updating all plugins, themes, and even installing a WAF (Website Application Firewall).

There is no certainty as to where or when the attackers might strike next, and reacting after the attack takes place is usually too late.

As mentioned, there are plenty of past reports that revealed what kinds of approaches hackers were using. One example is exploiting zero-days in WordPress plugins. Another incident saw hackers exploiting other vulnerabilities that led to the hijacking of e-learning platforms.

Do you want to Be In Crypto?

Join our Telegram Trading Group for FREE Trading Signals,a FREE Trading Course for Beginners and Advanced Traders

and a lot of fun!

Images courtesy of Shutterstock, Trading View and Twitter.

 https://beincrypto.com

Regulation and Society adoption

Events&meetings

Security and Scams

Ждем новостей

Нет новых страниц

Следующая новость

All content provided by the site, hyperlinks, related applications, forums, blogs, social networks and other information is taken from third-party sources and is intended for reference only. We make no warranties with respect to our content, including but not limited to accuracy and timeliness. No part of the content we provide is financial advice, legal advice or any other form of advice intended for any of your personal purpose. Any use of our content is entirely at your own risk. You should conduct your own research, review, analysis and verification of our content before relying on them. Trading is a very risky activity that can lead to large losses, so consult your financial Advisor before making any decision. No content on our site is a public offer or invitation to action.

This resource may contain 18+materials

© 2016-2024