No doubt WordPress plugins has made our work easier but sometime it cause to hack our website and it happens in the last few days. Sucuri reported there are over 50,000 websites hacked because of un-upgraded WordPress plugins and there are still several sites need to update their WordPress plugins.
Daniel Cid, Sucuri’s chief technology officer shared in his blog post that the attack is moving beyond WordPress many other systems are being cooperated. The compromise is started on the world’s largest content management system but if there are some more websites on the same server it is expected that the malware would try to spread itself on those sites. Daniel shared, Joomla and Magento are the major sites that are hacked due to cross-site contamination.
Daniel also added in his blog post that the Backdoor would be guilty for generating admin user 1001001 and inserts the code (backdoor) to all the themes or core files. This hacking attack would infect the file by overwriting valuable files and version them irretrievable.
This susceptibility could help the hackers to insert the spam-bots or malware on thousands of WordPress website. Mailpoet express regret for this serious hacking issue of the release of un-confidential WordPress plugin, added it will run evaluations for the interior security beside with the perception tests to find the issues before the freedom the use of WordPress plugins.
Source: Read Full Story