Some 100,000 or more WordPress sites infected by mysterious malware


About 100,000 or more websites running the WordPress content management system have been compromised by mysterious malware that turns the infected sites into attack platforms that can target visitors, security researchers said.

The campaign has prompted Google to flag more than 11,000 domains as malicious, but many more sites have been detected as compromised, according to a blog post published Sunday by Sucuri, a firm that helps website operators secure their servers. Researchers have yet to confirm the cause of the infection, but they suspect it's related to a vulnerability in Slider Revolution, a WordPress plugin, that was disclosed in early September. Update: In a new blog post published after Ars went live with this brief, Sucuri says it has confirmed the so-called "RevSlider" vulnerability is the culprit.

The code causes pages to download the malicious payload from hxxp://soaksoak.ru/xteas/code. Judging from some of the reader comments, some administrators were surprised to find that the sites they oversee were infected. Sucuri's free site check scanner will detect sites that are actively compromised. Disinfection involves removing malicious code added to a script located at wp-includes/template-loader.php. WordPress admins who use the Slider Revolution plugin should also ensure it's up to date, but Sucuri noted the difficulty of getting all websites to universally apply the fix.

"The biggest issue is that the RevSlider plugin is a premium plugin, it’s not something everyone can easily upgrade and that in itself becomes a disaster for website owner," Sucuri stated in the latest post. "Some website owners don’t even know they have it as it’s been packaged and bundled into their themes. We’re currently remediating thousands of sites and when engaging with our clients many had no idea the plugin was even within their environment."

Read More

Comments

Post a Comment

Popular posts from this blog

NASA’s Super Guppy Gives Mars-Bound Spacecraft A Lift

Image
Today the Orion capsule, NASA’s spacecraft designed to bring humans to Mars, starts its next phase of development at Kennedy Space Center. The remarkable part is that just this morning, that large spacecraft was at NASA’s Michoud Assembly Facility in New Orleans. In order to carry Orion from New Orleans to Cape Canaveral, NASA recruited their Super Guppy aircraft. The Super Guppy has a cargo area that is 25 feet tall, 25 feet wide and 111 feet long. The jumbo plane can carry over 26 tons worth of cargo and is often used by NASA to ferry large components around the country that would take too long (or be impossible) to ship by land or by sea. The Super Guppy’s history dates back to the Apollo program. It was used in the 1960’s to carry parts of the Saturn V rocket from California to Florida. The other option NASA had was to ship rocket stages through the Panama Canal, which would often take weeks or months longer.
Read more

Dell XPS 13 2015 Review and Giveaway

Image
At Consumer Electronics Show 2015, Dell’s XPS 13 2015 edition swept the awards for laptops, particularly in the $800 price range. Considering the sheer quality of its competition, this was no easy feat. But, dude, are you getting a Dell? Read on to find out. Before going private, Dell’s sales weren’t doing great. It had slipped from the top PC seller to somewhere near sixth place in 2007. After a contested buyout in November of 2013, Dell’s future looked uncertain. However, its movements following the acquisition proved shrewd. Rather than releasing a deluge of models, as they had under public ownership, Dell refocused its efforts on building better products. The Dell XPS 13 2015 edition is part of the first line of laptops and tablets released following its departure from public ownership. The new line of Ultrabooks still use Dell’s made-to-order approach. Buyers configure their device online, selecting from a large number of parts and value-added options, with a base price of ...
Read more

Who To Follow On Twitter, According To Marc Andreessen

Image
Well-known Tweetstormer and investor Marc Andreessen has produced a list of his favorite people to follow on Twitter. He was prompted to do so by an article in The Information called “Silicon Valley’s Frontman Problem” by Jessica Lessin, who questioned if the industry leaders most often quoted by the media (she cited Andreessen, Elon Musk, and Peter Thiel) really “represent the views of the broader Silicon Valley community.” “The more media coverage Silicon Valley gets, the more important it is that other voices get heard,” Lessin wrote. (In addition to Lessin’s thought piece, New York magazine also just published an interview with Andreessen, in which he talked about the cultural changes in Silicon Valley since he arrived in 1994 and diversity in the tech industry, among other topics.) His list “only a highly abridged selection,” Andreessen (@pmarca) tweeted, but a helpful one because his public list of tech industry-related accounts has over 600 members. Since Andreessen’s ...
Read more