Over the past few weeks, we have seen an increase in attacks targeting websites. These attacks have all had one thing in common: they target components of WordPress, a very popular Content Management System (CMS) used for creating websites, that are not being kept up to date.
In most of the attacks we have seen recently, vulnerabilities in out-of-date code in plugins, themes or WordPress itself are being targeted, and the attacker gains full control over the site, hiding malicious files which are then used as malicious links in spam campaigns. They use the hacked site to store these files so that their links look legitimate, or to avoid sites that have previously been used and blocked by spam and web protections.
If your site ends up in this situation, it is only a matter of time before security platforms and browsers identify those malicious files and block people from accessing your site, as a layer of protection for their users. While this is a great service for them, it's not so great for your legitimate website, which is now blacklisted.
With WordPress being used to build 35% of the world's websites, it makes for a popular target when security problems are identified. To put that popularity in context, its nearest competitor, Joomla, is used on 2.6% of sites. While the advice is not for WordPress alone, it is critical to ensure your themes, plugins and the CMS itself are regularly updated. If a vulnerability is found in one of these popular CMS systems, it only takes attackers a matter of hours to sweep the internet looking for vulnerable sites using tools like Shodan.
While WordPress' popularity makes it a target, it also means there are lots of ways to protect it, with many plugins available to take care of many of these issues automatically. While we recommend you speak with your web developer about these items, the following two options may be a good place to start.
Companion Auto Update: This plugin does as its title suggests. It keeps your site, themes and plugins automatically up to date.
Sucuri Security: This plugin has many features, but will advise you if any core files have been modified, provide alerts when things are changed on your site, and also assist with clean-ups after a hack.
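To show what "advise if any core files have been modified" means in practice, here is an added example (not part of the original post, and not the Sucuri plugin's own code) of a baseline-and-compare integrity check. It hashes every file under a web root, stores the manifest outside the web root, and on a later run reports files that were modified, added or removed. The sample site tree, the `htdocs` path and the simulated changes are all constructed inline so the script runs offline; on a real server you would point `build_baseline` at your document root.

```python
"""Baseline-and-compare file integrity check for a web root.

Added example for illustration; not the Sucuri plugin's code. The sample
site below is constructed in a temporary directory so the script runs
offline. In practice, point build_baseline() at your document root
(e.g. /var/www/html) and keep baseline.json somewhere the web server
cannot write.
"""
import hashlib
import json
import os
import tempfile
from pathlib import Path


def build_baseline(root: str) -> dict:
    """Return {relative_path: sha256_hex} for every regular file under root."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = Path(dirpath) / name
            rel = full.relative_to(root).as_posix()
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            baseline[rel] = h.hexdigest()
    return baseline


def compare(baseline: dict, current: dict) -> dict:
    """Classify the differences between a stored manifest and a fresh walk."""
    modified = sorted(p for p in baseline if p in current and baseline[p] != current[p])
    added = sorted(p for p in current if p not in baseline)
    removed = sorted(p for p in baseline if p not in current)
    return {"modified": modified, "added": added, "removed": removed}


def save_baseline(baseline: dict, path: str) -> None:
    # Keep the manifest outside the web root: an attacker who can write to
    # the site must not be able to rewrite the baseline to match their edits.
    with open(path, "w") as fh:
        json.dump(baseline, fh, indent=2, sort_keys=True)


def load_baseline(path: str) -> dict:
    with open(path) as fh:
        return json.load(fh)


def demo() -> dict:
    """Constructed scenario: record a baseline, then simulate a compromise."""
    with tempfile.TemporaryDirectory() as root:
        site = Path(root) / "htdocs"  # hypothetical document root
        (site / "wp-includes").mkdir(parents=True)
        (site / "wp-content" / "uploads").mkdir(parents=True)
        (site / "index.php").write_text("<?php require 'wp-blog-header.php';\n")
        (site / "wp-includes" / "version.php").write_text("<?php $wp_version = '0.0';\n")
        (site / "wp-content" / "uploads" / "photo.jpg").write_bytes(b"\xff\xd8\xff")

        manifest = Path(root) / "baseline.json"  # outside htdocs
        save_baseline(build_baseline(str(site)), str(manifest))

        # Simulated unwanted changes: a core file edited, a PHP file dropped
        # into the uploads directory, and an upload deleted.
        (site / "index.php").write_text("<?php /* altered */ require 'wp-blog-header.php';\n")
        (site / "wp-content" / "uploads" / "cache.php").write_text("<?php echo 'x';\n")
        (site / "wp-content" / "uploads" / "photo.jpg").unlink()

        return compare(load_baseline(str(manifest)), build_baseline(str(site)))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

A PHP file appearing under `wp-content/uploads`, or a changed file in core, is exactly the kind of finding to alert on; run the check from cron and treat any unexplained "added" or "modified" entry as a trigger to investigate. For WordPress core specifically, WP-CLI's `wp core verify-checksums` performs the same comparison against the checksums published by WordPress.org, so a local baseline is most useful for the files that official checksums do not cover.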
If you are not sure whether your website is being updated, we highly recommend you speak with your web developer, or contact RODIN and we can assist.
The following sites are reporting on these large-scale attacks we have seen, and provide detail on over 1 million sites being targeted due to vulnerabilities in certain WordPress items.