Mass attack on sites with the WordPress engine
2018-10-01T14:27:05.479Z1 October 2018

Mass attack on sites with the WordPress engine

The network identified an automated mass attack, hitting sites developed on WordPress, which is used by about 30% of the ten million largest sites. During the attack, sites with an unrefined engine are affected, while various previously exploited vulnerabilities are exploited during malicious activity, both in the WordPress engine itself and in plug-ins to it.

During the attack in JavaScript files with the extension .js, in php-files with themes and plug-ins WordPress, as well as in the entry from the table wp_posts in the WordPress database, substitution of malicious insertion is performed. The code is substituted both in the clear form and the call form "eval (String.fromCharCode (....))" With a chaotic set of digits. When executing this block, the output of the block is the script download code from ads.voipnewswire.net, examhome.net, cdn.allyouwant.online, uustoughtonma.org, ejyoklygase .tk or mp3menu.org. All WordPress users are advised to make sure that the site engine and installed plugins are updated to the latest version.

There are several manifestations of malicious activity, the most notable of which is the redirection of the user who came to the site to third-party fraudulent resources. For example, redirecting to pages of fictitious messages about virus detection from technical support, trying to force a user to install a Trojan program, phone or specify the parameters of their account.

In addition, many misinterpret these warnings, taking them for penalties. "My clients see warnings from Google Search Console and are nervous. How do I disable it or bypass it? ": Write confusing users. However, such messages Google sends out since 2009, these are simple reminders about the need to update, addressed to operators of popular CMS (WordPress, Joomla, Drupal), registered in Google Search Console. There is nothing terrible in them. But after the frightened users flooded the forums with questions, Google representatives acknowledged that the reminder text should be made "more specific and less confusing".



Latest news
How to become LIR in 7 days

There is an Internet infrastructure that includes switches, routers, which require a fairly large number of ..

30 August 2018
How to avoid mistakes when choosing a hosting

Everyone says that they learn from mistakes, but sometimes these mistakes can lead to very large losses. The..

17 September 2018
What is the reason for the global increase in the nu..

In April 2017, there were 320 hyper-scalable data centers in the world, and in December their number was 390..

15 November 2018
How likely is it that your site will "fall" during t..

Holidays are a special time for many areas of activity. For some companies it's a dead season, for others it..

5 June 2018

Do you like cookies? 🍪 We use cookies to ensure you get the best experience on our website. By using our website you agree with our policy!