WordPress Plugin Hacked


Update March 7: The WordPress Directory team investigated and mitigated this issue by disconnecting the wooranker account from all plugins, reverting malicious changes in the CCTM plugin, and changing the version to 0.9.8.9. WordPress should automatically update to this new clean version.

If your site was compromised during the timeframe while the backdoored version (0.9.8.8) was installed, updating to 0.9.8.9 is not enough to clean the site. Please check the Mitigation section at the end of this blogpost.

Last summer we shared a story about the SweetCaptcha WordPress plugin injecting ads and causing malvertising problems for websites that leveraged the plugin. When this plugin was removed from the official WordPress Plugin directory, the authors revived another WordPress account with a long abandoned plugin

It’s a backdoor that can download files from hxxp:/ /wordpresscore .com/plugins /cctm /update/ (the domain name is definitely very suspicious) and save them with the .php extension in the plugin directory.

It looked like a typical backdoor that could be uploaded anywhere on a compromised server, not just in this particular plugin. We decided to check the original plugin package and, to our surprise, found the file in the source! We also discovered that we were not the only ones that found this file (although people on the forum seemed to believe that the file was just “vulnerable”). This really was worth investigating.
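Because the backdoor saves whatever it downloads as .php files inside the plugin directory, comparing the installed plugin against a clean copy shows what it left behind. The script below is an added example, not code from the original post or from the plugin: it assumes you have unpacked a clean 0.9.8.9 copy next to the installed one, and the function names and finding labels are hypothetical.

```python
import hashlib
import re
from pathlib import Path

# Values from the post: the backdoored release and the download host
# (written un-defanged here so it can be matched in file contents).
BAD_VERSION = b"0.9.8.8"
DOWNLOAD_HOST = re.compile(rb"wordpresscore\.com", re.I)
PLUGIN_NAME = re.compile(rb"^[ \t/*#@]*Plugin Name:", re.M | re.I)
VERSION = re.compile(rb"^[ \t/*#@]*Version:[ \t]*([\w.\-]+)", re.M | re.I)


def php_files(root):
    """Map relative path -> SHA-256 for every .php file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*.php")) if p.is_file()}


def audit_plugin(installed_dir, clean_dir):
    """Compare an installed plugin with a clean unpacked copy; return sorted findings."""
    installed, clean = php_files(installed_dir), php_files(clean_dir)
    findings = []
    for rel, digest in installed.items():
        data = (Path(installed_dir) / rel).read_bytes()
        head = data[:8192]  # WordPress reads plugin headers from the first 8 KiB
        ver = VERSION.search(head)
        if PLUGIN_NAME.search(head) and ver and ver.group(1) == BAD_VERSION:
            findings.append(("backdoored-version", rel))
        if DOWNLOAD_HOST.search(data):
            findings.append(("download-host-reference", rel))
        if rel not in clean:
            # A .php file the clean release does not ship, e.g. one the backdoor saved
            findings.append(("php-not-in-clean-copy", rel))
        elif clean[rel] != digest:
            findings.append(("differs-from-clean-copy", rel))
    return sorted(findings)


if __name__ == "__main__":
    import sys
    # Usage: python audit.py <installed plugin dir> <clean 0.9.8.9 copy>
    for kind, rel in audit_plugin(sys.argv[1], sys.argv[2]):
        print(f"{kind}\t{rel}")
```

Any file reported as not in the clean copy or differing from it needs manual review before it is deleted or replaced.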

For more on this click here for the full story: https://blog.sucuri.net/2016/03/when-wordpress-plugin-goes-bad.html

Oh and aj Web Design Plus does NOT use WordPress for our customers!!

