WordPress sites have recently been subjected to a slew of cyber threats. The consensus is that WordPress isn’t having a good time, whether it’s because of site takeovers or plugin vulnerabilities.
Last week, a wave of cyberattacks targeted 300 WordPress sites, displaying false encryption alerts and demanding 0.1 Bitcoin in ransom. Furthermore, by including a countdown timer, these ransom demands create a sense of urgency and panic. This appears to be a typical ransomware attack.
These WordPress websites were not encrypted, according to the researchers. The threat actors simply changed the settings of a plugin named Directorist to display a ransom note and countdown. As a result, this is a fake ransomware attack.
Why WordPress
One of the most well-known Content Management Systems (CMS) is WordPress. This, on the other hand, implies that it is a primary target for cybercriminals attempting to infect websites. The attackers used brute-force or stolen credentials purchased on the dark web to log in as admins on the sites. These attacks do not appear to be isolated; rather, they appear to be part of a larger campaign, implying that they may have purchased credentials from dark markets.
Recent WordPress Vulnerabilities
An authenticated user may use a severe security flaw in WP Reset Pro, a WordPress plugin, to wipe the entire database of a WordPress website.
More than a million websites were open to exploitation due to flaws in OptinMonster, an email marketing WordPress plugin. If left unpatched, the vulnerabilities may allow an unauthenticated user to steal personal data and install malicious JavaScript on vulnerable WordPress sites.
A high-severity bug in the Hashthemes Demo Importer WordPress plugin was discovered in October, allowing attackers to reset and delete vulnerable sites.
Concluding Words
When using popular CMS platforms like WordPress, keep an eye out for updates and software patches. Also, be cautious about the plugins you use. The current threat to WordPress websites is not a one-time event, and it is likely to continue in the future. Experts believe that true encryption cyberattacks will occur in the future.