Comments On Thousands Of WordPress Sites Hacked To Fuel Scam Campaign

According to security researchers, over 2,000 WordPress sites have been hacked to fuel a campaign that redirects visitors to scam sites containing unwanted browser notification subscriptions, fake surveys, giveaways, and fake Adobe Flash downloads. Security firm Sucuri detected this hacking campaign last week. Some of the vulnerable plugins seen being exploited are the “CP Contact Form with PayPal” and the “Simple Fields” plugins.

Experts Comments

January 23, 2020
Ameet Naik
Security Evangelist
PerimeterX
WordPress plugins are another example of third-party risks to websites, and have been a frequent target in the past. A single compromised plugin can infect tens of thousands of websites in one stroke, hence they remain a popular attack vector. The technique seen in this attack is very similar to what we see with Magecart attacks where additional scripts are loaded from malicious domains. These scripts can perform any action ranging from hijacking the user to a scam site, or sniffing PII from.....Read More
WordPress plugins are another example of third-party risks to websites, and have been a frequent target in the past. A single compromised plugin can infect tens of thousands of websites in one stroke, hence they remain a popular attack vector. The technique seen in this attack is very similar to what we see with Magecart attacks where additional scripts are loaded from malicious domains. These scripts can perform any action ranging from hijacking the user to a scam site, or sniffing PII from form fields. Website owners must be cautious while using external plugins and ensure they stay up to date with security patches.  Read Less
January 24, 2020
James McQuiggan
Security Awareness Advocate
KnowBe4
An organization's "front door" is their website and a target for criminals as they attempt to gain access to install malicious code and malware for all who visit their website. The security for the website should be extremely robust with a well documented and repeatable change control program, including regular patching. Organizations using plugins need to verify all updates and test them to reduce the risk of infecting users who visit their website. The determination of the validity and.....Read More
An organization's "front door" is their website and a target for criminals as they attempt to gain access to install malicious code and malware for all who visit their website. The security for the website should be extremely robust with a well documented and repeatable change control program, including regular patching. Organizations using plugins need to verify all updates and test them to reduce the risk of infecting users who visit their website. The determination of the validity and importance a plugin is for their website is part of the chagne control and security supply chain program. The security supply chain provides organizations the opportunity to audit the plugins, whether it's done with vulnerability scans or manually checking the code from the developer. These practices can greatly reduce the likelihood of a data breach or a defaced website. Organizations that face these types of attacks should have a well documented backup and repeatable rollback procedures in the unfortunate attack of their website so they can stay operational with the least amount of downtime.  Read Less
January 24, 2020
Mike Bittner
Associate Director of Digital Security and Operations
The Media Trust
Campaigns that redirect users of legitimate sites to scam sites underscore the problems with relying on digital third-parties. While digital third-parties provide much needed support to websites that must meet the growing demands of website users, they also expose site owners and users to security and privacy risks. The code they run on today's websites lie outside the website owners' perimeter. As a result, owners don't know who's running what code on their sites, and what impact this might.....Read More
Campaigns that redirect users of legitimate sites to scam sites underscore the problems with relying on digital third-parties. While digital third-parties provide much needed support to websites that must meet the growing demands of website users, they also expose site owners and users to security and privacy risks. The code they run on today's websites lie outside the website owners' perimeter. As a result, owners don't know who's running what code on their sites, and what impact this might have on users. Meanwhile, bad actors are capitalizing on this growing reliance on digital third parties, who all too often bring their software to market without much thought given to security and privacy. While this arrangement may have worked in the past, the passage of the CCPA has shaken up the industry with stiff penalties and private right of action in case of a breach. The upshot, companies can no longer take privacy and security lightly.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.