Free Republic
Browse · Search
General/Chat
Topics · Post Article


Critical WordPress Plugin Bug Helps Hackers Serve Malware on Over 100,000 Sites
wccftech.com ^ | 4 hours ago Dec 17, 2014 | by Shaikh Rafia

Posted on 12/17/2014 5:36:15 PM PST by Ernest_at_the_Beach

Researchers from Sucuri, a security firm, reported on Monday that vulnerabilities affecting a WordPress plugin are being used by hackers to compromise websites and spread malware to users’ computers. According to this report, exploiting a vulnerability in Slider Revolution, over 100,000 WordPress sites have been compromised so far. The code script planted on targeted sites loads a JavaScript malware hosted on a .ru domain.

Slider Revolution is a popular WordPress premium plugin helping users to create responsive sliders. The plugin vulnerabilities were used widely by remote attackers to download files from affected servers. The flaw, a local file inclusion (LFI), affected version 4.1.4 and earlier, and while it was patched by the developer, a large number of sites remain affected.

Here is how the attack happens:


Slider Revolution is being used by thousands of websites. However, the issue becomes bigger as the plugin is wrapped into a number of WordPress theme packages, making site owners completely oblivious to the fact that their sites are open to targeted attacks.

Check WordPress security:


In an effort to minimize impact on the larger internet, Google has already blacklisted over 11,000 websites affected by this soaksoak malware. However, WordPress website admins can check the security of their sites by using the free Sucuri scanner. The malware was first discovered by Sucuri in September, while it has been in the works since February.

Complete report: Sucuri 


TOPICS: Computers/Internet; Conspiracy
KEYWORDS: maalware

1 posted on 12/17/2014 5:36:15 PM PST by Ernest_at_the_Beach
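
For the bundled-plugin problem described in the article above, here is an added example (not part of the original post or of Sucuri's scanner) that walks a `wp-content` tree and reports every copy of the plugin, flagging those at version 4.1.4 or earlier. It assumes the plugin's main PHP file carries a standard WordPress `Plugin Name:` / `Version:` header naming Slider Revolution; the sample tree and its paths are constructed.

```python
import os
import re
import tempfile

LAST_AFFECTED = (4, 1, 4)  # per the article: the LFI affects 4.1.4 and earlier
# Assumption: the copy identifies itself in a standard WordPress plugin header.
NAME_RE = re.compile(r"^[ \t/*#@]*Plugin Name:.*(?:slider\W*revolution|revolution\W*slider)",
                     re.I | re.M)
VER_RE = re.compile(r"^[ \t/*#@]*Version:[ \t]*(\d+(?:\.\d+)*)", re.I | re.M)

def is_affected(version):
    """True if a dotted version string is <= 4.1.4 (short versions zero-padded)."""
    v = tuple(int(p) for p in version.split("."))
    width = max(len(v), len(LAST_AFFECTED))
    pad = lambda t: t + (0,) * (width - len(t))
    return pad(v) <= pad(LAST_AFFECTED)

def find_bundled_copies(root):
    """Return sorted (relative_path, version, affected) for each copy under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".php"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "r", encoding="utf-8", errors="replace") as fh:
                head = fh.read(8192)  # WordPress reads headers from the first 8 KB
            if not NAME_RE.search(head):
                continue
            m = VER_RE.search(head)
            version = m.group(1) if m else None
            # A copy with no readable version is treated as affected until checked.
            affected = version is None or is_affected(version)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            findings.append((rel, version, affected))
    return sorted(findings)

def demo():
    """Scan a constructed sample tree: one standalone copy, one bundled in a theme."""
    sample = {  # constructed paths and contents, not real installations
        "plugins/slider/slider.php": "<?php\n/*\nPlugin Name: Slider Revolution\nVersion: 4.6.5\n*/\n",
        "themes/example-theme/bundled/slider/slider.php":
            "<?php\n/*\n * Plugin Name: Slider Revolution\n * Version: 4.1.4\n */\n",
        "themes/example-theme/functions.php": "<?php\n// Version: 1.0\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in sample.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(body)
        return find_bundled_copies(root)
```
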

To: ShadowAce

fyi


2 posted on 12/17/2014 5:37:07 PM PST by Ernest_at_the_Beach

To: Ernest_at_the_Beach

JavaScript is evil, this is just the proverbial “tip of the iceberg”.


3 posted on 12/17/2014 6:14:26 PM PST by SecondAmendment (Restoring our Republic at 9.8357x10^8 FPS)

To: Ernest_at_the_Beach

My hosting company notified us of this yesterday.


4 posted on 12/17/2014 6:43:25 PM PST by driftdiver (I could eat it raw, but why do that when I have a fire.)

To: Ernest_at_the_Beach

It is vital to keep everything updated in WordPress. This is an excellent plugin; it enables easy construction of javascript/css animations.

Example: www.inhousetechies.com

5 posted on 12/17/2014 6:44:35 PM PST by Jeff Chandler (Doctrine doesn't change. The trick is to find a way around it.)

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
