Results 1 to 1 of 1
Hybrid View
-
27th Jul 2014, 05:43 PM #1
Thousands of Websites Hacked Through Unpatched MailPoet Vulnerability
A security firm has determined that an attack against thousands of websites was conducted by threat actors through the vulnerable version of MailPoet plug-in for WordPress, which has received a patch at the beginning of the month.
On July 22, Sucuri, a company providing services for protecting website integrity, announced “a massive influx of broken WordPress websites,” but could not determine the cause.
The mystery was revealed the next day, in a blog post by Daniel Cid, CTO at Sucuri. He said that the attackers leveraged a flawed MailPoet version, which allowed them to inject any sort of code on the affected websites in order to carry out malicious activities such as spam campaign or malware delivery to the unsuspecting visitor.
The security glitch (zero-day) was also reported by Sucuri, who warned of its severity, especially in the context of the plug-in having been downloaded more that 1.7 million times.
No technical details were offered at that time, but it was said that the bug had to be taken seriously because it provided a potential intruder the possibility to take complete control of the targeted website.
Moreover, if the affected site shared the server with others, the malicious attack could be extended to them too, through cross-contamination. This is exactly what happened this week.
“To be clear, the MailPoet vulnerability is the entry point, it doesn’t mean your website has to have it enabled or that you have it on the website; if it resides on the server, in a neighboring website, it can still affect your website,” said Cid in the blog post.
He also mentions that the attacks start with an upload of a malicious theme; then, the attackers access the backdoor in “/wp-content/uploads/wysija/themes/mailp/,” which creates an administrator with the name 1001001.
Cid says that indication of a website being hacked through the MailPoet vulnerability is the presence of the following error:
Parse error: syntax error, unexpected ')' in /home/user/public_html/site/wp-config.php on line 91
In order to protect from this sort of attack, administrators are required to either remove the vulnerable component or upgrade it to the latest, safer release.Kepler Reviewed by Kepler on . Thousands of Websites Hacked Through Unpatched MailPoet Vulnerability http://i1-news.softpedia-static.com/images/news-700/Thousands-of-Websites-Hacked-Through-Unpached-MailPoet-Vulnerability.jpg A security firm has determined that an attack against thousands of websites was conducted by threat actors through the vulnerable version of MailPoet plug-in for WordPress, which has received a patch at the beginning of the month. On July 22, Sucuri, a company providing services for protecting website integrity, announced “a massive influx of broken Rating: 5
Sponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
[VPS] Ultimate Offshore Linux/Windows VPS [Host all kinds of websites]
By ScopeHosts.Sales in forum ArchiveReplies: 10Last Post: 30th Jan 2012, 01:58 PM -
Should i enter the field of Ethical Hacking?
By vorazeal in forum General DiscussionReplies: 12Last Post: 31st Jan 2011, 08:36 AM -
Legalities of making money through uploading?
By Defiled in forum Webmasters, Money MakingReplies: 4Last Post: 22nd Nov 2010, 11:27 PM -
[Selling] Xrumer Blasts- Create thousands of backlinks
By djeuro in forum Completed TransactionsReplies: 31Last Post: 9th Apr 2010, 10:51 PM -
Thousands of BT customers accused of piracy
By clarksta in forum News & Current EventsReplies: 2Last Post: 2nd Dec 2009, 10:18 AM
themaPoster - post to forums and...
Version 5.22 released. Open older version (or...