Hackers Initiate Attacks Against Unpatched WordPress Sites

Few Weeks before WordPress secretly fixed the Zero-day Vulnerability in recent 4.7.2 security update .But researchers now start to see that many more Recent attacks are trying to spam users into buying drugs by phishing scam and looking for payment card details  leave behind links to rogue pharmaceutical websites .

Since latest updates released by word press ,many WordPress website are not yet updated the current version .

Up to 20 attackers or gatherings of assailants are ruining WordPress sites that haven’t yet connected a recent patch for a critical vulnerability.

The vulnerability, situated in the stage’s REST API, permits unauthenticated attackers to change the substance of any post or page inside a WordPress site. The defect was settled in WordPress 4.7.2, discharged on Jan. 26.

The simplicity of execution is so low thus simple, we’re seeing script kiddies get this endeavor and have a field day with it,” said Logan Kipp of SiteLock. We’re seeing these 20 or so extraordinary performing artists battling about control and overwriting disfigurement, ordinarily minutes separated.

“This is the first case we’re aware of where someone is trying for monetary gain,” Kipp said. “They’re trying to get you to visit rogue pharmacy sites where there’s an equally high chance they’re going to steal your credit card number and run. North of 50 percent of the time, that’s the case with these sites.”

Logan Kipp of SiteLock Said ,

If you have applied WordPress patch 4.7.2, the vulnerability is no longer present. Based on the information we’ve gathered, if you have disabled the REST API (enabled by default), you are not affected by the vulnerability.

We applied a virtual patch shortly after the issue was identified on January 21st. This virtual patch has protected all WordPress websites in the SiteLock network from this exploit since application. Nevertheless, we strongly advise that anyone still running WordPress v4.7 or 4.7.1 to apply the most recent WordPress update immediately.

By and large, WordPress site mutilations in view of this defenselessness raised rapidly from many thousands to more than 800,000 in a 48-hour time frame les sthan two weeks prior. The reason, as per WordFence, a WordPress security module designer, is that aggressors refined assaults to sidestep a decide that WordFence and others had executed to stem the tide of assaults. Two unique crusades followed by WordFence were in charge of near 700,000 ruinations all alone.

What is SiteLock and protection method:

SiteLock and the WordPress Security Team continue to maintain a close relationship by collaborating on security intelligence for the benefit of all WordPress users. In cases like this, in which a WordPress security patch is developed to prevent an exploit, SiteLock and the WordPress Security Team share advanced warnings with each other and quietly put additional security measures in place while the code for a patch is developed. This helps both parties to protect as many WordPress users as possible before the public release of the patch. Relax. We’ve got your back!

Also Read :

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

View Comments

Recent Posts

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…

13 hours ago

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…

13 hours ago

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…

16 hours ago

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities, including…

19 hours ago

Veritas Enterprise Vault Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely

Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…

20 hours ago

7-Zip RCE Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…

20 hours ago