Security researchers have discovered thousands of backdoored plugins and themes for the popular content management systems (CMS) that could be used by attackers to compromise web servers on a large scale.
The Netherlands-based security firm Fox-IT has published a whitepaper revealing a new Backdoor named “CryptoPHP.” Security researchers have uncovered malicious plugins and themes for WordPress, Joomla and Drupal. However, there is a slight relief for Drupal users, as only themes are found to be infected from CryptoPHP backdoor.
In order to victimize site administrators, miscreants makes use of a simple social engineering trick. They often lured site admins to download pirated versions of commercial CMS plugins and themes for free. Once downloaded, the malicious theme or plugin included backdoor installed on the admins’ server.
“By publishing pirated themes and plug-ins free for anyone to use instead of having to pay for them, the CryptoPHP actor is social-engineering site administrators into installing the included backdoor on their server,” Fox-IT said in its analysis on the attack.
Once installed on a web server, the backdoor can be controlled by cyber criminals using various options such as command and control server (C&C) communication, email communication and manual control as well.
The CryptoPHP backdoor has already a widespread iIntegration into popular content management systems like WordPress, Drupal and Joomla. At OneHourSiteFix we have already fixed hundreds of sites that have been affected by this vulnerability
Contact OneHourSiteFix For Help
It is imperative you keep updated all the libraries on your server, your CMS (WordPress,etc) and any plugins you have. Also ONLY download plugins and themes from the official sites. If you need any help in updating your site or checking the validity of your plugins just remember OneHourSiteFix is here to help. Just drop us a chat or mail and we will happily help you with this task. Never has the phrase ‘A Stitch In Time Saves Nine’ been more appropriate.
Helping Make Internet A Safer Place!
Leave A Comment