In a report published online by Wordfence, it was detailed with detail the way hacker groups with their malware were able to attack and storm WordPress sites.
This article gives tips for dealing with them. Thus, everyone will be armed to know how to avoid being the new victim of this attack on WordPress.
This article will also interest you: WordPress, security vulnerabilities at the mercy of two groups of hackers
The main threat to the WordPress site is not nothing but WP-VCD, a major criminal operation aimed at harvesting information about the sites hosted by the famous CMS. It's the most decisive operation that affects the majority of WordPress sites Attacked.
the report explains how this criminal operation strives to spread its malware, the way it works, its objectives and of course the data leaks it has been involved in and that may help determine the identities of its members.
But on the other hand, the report describes that intrusions as well as hacks could have been easily avoided because the group of hackers in question did not use a security vulnerability to access the site and install backdoors. Indeed, to succeed in their sleight of hand, hackers relied much more on the mistakes made by webmasters, to infect themselves, to remove pushing to install plug-ins or themes on their website. "The gang (the hackers) operates a vast network of websites (see list below) offering pirated themes and plug-ins. On these sites, the group offers free downloads of popular commercial themes, usually sold in online stores or on popular sites such as ThemeForest or CodeCanyon. Wordfence explains in its report. Sites involved in WordPress site infections include:
It must be admitted that on the whole, these sites are quite impressive in terms of web referencing. Indeed they are so well placed in the search bars especially when the downloaded keyword is accompanied by a search with ''theme''. "Searching for the name of a popular WordPress theme and the term "download" usually gives links to two or three of these malicious sites, directly at the top of Google search results.
This ensures the arrival of a new flow of victims malicious sites, feeding new victims in the WP-VCD botnet. Wordfenve told online media outlet ZDnet.
"Based on the results of the program analysis wordfence network, WP-VCD is installed on more new sites per week than any other malware in recent years month. veenstra, an analyst at Wordfence. She will add that "The prevalence of malware is surprising since the campaign it itself has been active for more than two years. ». it will eventually end up noting that the majority of hacking operations tend to disappear from the moment that webmasters decided to deploy appropriate security measures.
This wave of hacking aims to create a Botnet. However, it is known that once the sites are infected, users will be constantly written to other malicious sites allowing the hacker here to generate revenue through the pay-per-user redirect system. It also uses it to disseminate illegal advertising. But as the wordfence consultant has meant, it's pretty easy to get rid of the programs used by hackers. You just have to practice a traditional cyber defence system through security professionals.
Now access an unlimited number of passwords: