Impreza Portal
Sign InMy ServicesMy DomainsMy InvoicesMy Tickets
Blog
Celebrative Logos
Our Platform
Tutorials
Video TutorialsKnowledge Base
More
UptimeNetwork StatusAffiliatesJobsAbout us
enEnglish ($ USD)
pt-brPortuguês (R$ BRL) (Portuguese (R$ BRL))
Contact
Submit Ticket (Less than 1hour to answer)Whatsapp (Less than 24hours to answer)Telegram (Less than 24hours to anwer)Report Abuse

Special Offer for Today only!

Maximum power with a
Dual Intel Xeon Silver 4116

A powerful machine with:

  • Dual Intel Xeon Silver 4116 (24 cores)
  • 128GB RAM
  • 4x 1.92TB SSD
  • 10Gbps uplink
  • USA Datacenter

From

$400/mo

To

  $300/mo

Complete hardware for your Servers, choose any OS you want, reinstall, install, shut it down or turn it on, you’re in control everytime!

Order Now
HOMEDOMAINS

Servers

Whether Offshore or Surface, we have it all, a lot of Server
options for various types of use!

Hosting

Hosting Services ready for your website, whether on
WordPress or another systems, we can handle it!

Email

Be professional online and get an unique Email with your
name or the name of your company!

Security

Browse the web freely by choosing any of our online
security methods, always be anonymous online!

Choose the Hosting Service that will fit you!

Choose a complete Website Hosting for your business, get everything you need to start online

All Products ➤
WEBSITE HOSTINGWEBSITE HOSTINGThe first step to let your website onlineThe first step to let your website onlineKNOW MORE

Get a Hosting Service that works for you and let’s begin a Journey together!

Recommended Services

SSL Certificates

Backup for Websites

Professional Email

CONTACT
Login
Sign InCreate an Account
No Comments

Plugins on WordPress.org were hacked in a supply chain attack

 

A hacker changed the source code of at least five plugins on WordPress.org to add harmful PHP scripts. These scripts create new admin accounts on websites using the plugins.

The Wordfence Threat Intelligence team found the attack yesterday, but it seems to have happened between June 21 and June 22.

When Wordfence found the problem, they told the plugin developers right away. This led to most of the plugins getting updated with fixes yesterday.

The five plugins have been installed on more than 35,000 websites:

  • Social Warfare 4.4.6.4 to 4.4.7.1 (fixed in version 4.4.7.3)
  • Blaze Widget 2.2.5 to 2.5.2 (fixed in version 2.5.4)
  • Wrapper Link Element 1.0.2 to 1.0.3 (fixed in version 1.0.5)
  • Contact Form 7 Multi-Step Addon 1.0.4 to 1.0.5 (fixed in version 1.0.7)
  • Simply Show Hooks 1.2.1 to 1.2.2 (no fix available yet)

Wordfence says it doesn’t know how the hacker accessed the plugin source code, but an investigation is ongoing.

While more WordPress plugins might be affected, current evidence shows only these five plugins were compromised.

Backdoor operation and IoCs

The harmful code in the infected plugins tries to create new admin accounts and add SEO spam to the website.

“At this stage, we know that the malware tries to create a new admin account and sends those details back to a server controlled by the attacker,” explains Wordfence.

“The attacker also added malicious JavaScript to the website’s footer, which adds SEO spam throughout the site.”

The data is sent to the IP address 94.156.79[.]8, and the fake admin accounts are named “Options” and “PluginAuth,” according to the researchers.

Website owners who notice these accounts or traffic to this IP address should do a full malware scan and cleanup.

“If you have any of these plugins installed, you should consider your installation compromised and immediately go into incident response mode.” –Wordfence.

Wordfence notes that some affected plugins were temporarily removed from WordPress.org, so users might see warnings even if they use a fixed version.

 

Source: BleepingComputer,

You might also like
Tips, Security, Commercialization, News, Marketing, Programming, WordPress
Tips, Security, Commercialization, News, Marketing, Programming, WordPress

More Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.