
TechWalls

Technology News | Gadget Reviews | Tutorials

WordPress compromise led to huge phishing wave

Updated on Mar 27, 2014 by Guest Authors

Chances are, your WordPress site has been compromised and you have not yet noticed it.

Security research firm Netcraft found that almost 12,000 sites running the WordPress blogging platform were used to spread phishing attacks and malware in February alone. The report does not come as a surprise. With roughly 30 million domains running WordPress, a predictable default username ("admin") and a well-known administrative login path (wp-login.php under the wp-admin directory) make password-guessing attacks easy to automate, and even a small fraction of that many installations is a large number of compromised sites. The issue would be helped if the WordPress installer insisted on a non-default username and a strong, unique password from the start, rather than defaults that are easy to predict.


Site owners are also partly responsible. Whoever downloads and installs the WordPress software takes on a cardinal rule: keep it secure and up to date. That is not always what happens; many owners find the manual upgrade process a chore and put it off.

It was not until WordPress 3.7 that sites could apply updates automatically, and then only minor and security releases, in the background and under conditions the owner can configure. Even that does not help against zero-day attacks: an attacker who exploits a vulnerability that has not yet been patched can install a backdoor and can change the configuration (for example by defining the AUTOMATIC_UPDATER_DISABLED constant in wp-config.php) so that future security updates are never applied, all without the site owner noticing.
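One way to check for that kind of tampering is to read the constants defined in wp-config.php and flag the ones that switch background updates off. The script below is an added example and not code from the article or from WordPress; the constant names (AUTOMATIC_UPDATER_DISABLED, WP_AUTO_UPDATE_CORE, DISALLOW_FILE_MODS, DISALLOW_FILE_EDIT) and the automatic_updater_disabled filter are real WordPress settings, while the sample wp-config.php contents are constructed for the example.

```python
import re

# Constructed sample of a wp-config.php after an attacker has switched updates off
# (not a real site's file).
SAMPLE_WP_CONFIG = """<?php
define('DB_NAME', 'blog');
define('DB_USER', 'blog');
define('DB_PASSWORD', 'hunter2');
define( 'AUTOMATIC_UPDATER_DISABLED', true );
define('WP_AUTO_UPDATE_CORE', false);
define('WP_DEBUG', false);
"""

# Real WordPress constants and the values at which they stop background updates.
UPDATE_BLOCKING = {
    "AUTOMATIC_UPDATER_DISABLED": {"true"},  # disables the whole automatic updater
    "WP_AUTO_UPDATE_CORE": {"false"},        # disables core auto-updates only
    "DISALLOW_FILE_MODS": {"true"},          # forbids all file changes, updates included
}

# Matches define('NAME', value); with either quote style and loose spacing.
DEFINE_RE = re.compile(
    r"""define\s*\(\s*['"]([A-Z_]+)['"]\s*,\s*([^)]+?)\s*\)""", re.IGNORECASE)

# The same effect as the constants, achieved with a filter hooked in wp-config.php.
FILTER_RE = re.compile(
    r"""add_filter\s*\(\s*['"]automatic_updater_disabled['"]\s*,\s*['"]__return_true['"]""")


def parse_defines(text):
    """Return {CONSTANT: normalised value} for every define() call in the file."""
    defines = {}
    for name, raw in DEFINE_RE.findall(text):
        defines[name.upper()] = raw.strip().strip("'\"").lower()
    return defines


def audit_wp_config(text):
    """Return human-readable findings for settings that block security updates
    or that leave the wp-admin file editor enabled."""
    findings = []
    defines = parse_defines(text)
    for const, bad_values in UPDATE_BLOCKING.items():
        value = defines.get(const)
        if value in bad_values:
            findings.append(f"{const} is {value}: automatic updates are blocked")
    if FILTER_RE.search(text):
        findings.append("filter automatic_updater_disabled -> __return_true: "
                        "automatic updates are blocked")
    # The built-in theme/plugin editor lets anyone with an admin session write PHP;
    # a hardened install sets DISALLOW_FILE_EDIT to true.
    if defines.get("DISALLOW_FILE_EDIT") != "true":
        findings.append("DISALLOW_FILE_EDIT is not set: wp-admin file editor can write PHP")
    return findings


if __name__ == "__main__":
    for finding in audit_wp_config(SAMPLE_WP_CONFIG):
        print(finding)
```

Run it against the real wp-config.php of a site you manage; a clean file produces no findings except, on many installs, the missing DISALLOW_FILE_EDIT, which is worth adding.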

Netcraft’s statistics show that phishing content is most commonly located in the wp-content directory, which holds themes, plugins and user uploads and which is normally writable by the web server process so that uploads and updates can be written there; an attacker who gains code execution as that process can therefore drop malicious files into it. Where an installation is not hardened and its plugins are outdated, the wp-includes and wp-admin directories may be writable by attackers as well.
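The practical consequence is that wp-content, and uploads in particular, is where to look first. The script below is an added example, not code from the article or from WordPress: it walks a wp-content tree and reports PHP files under uploads (a directory that should only hold media), world-writable entries, and files modified in the last day. The directory layout and the planted "apple" phishing kit are constructed in a temporary directory for the example; the directory names mirror a standard WordPress layout.

```python
import os
import stat
import tempfile
import time

# Server-side scripts have no business under uploads; a phishing kit usually has some.
SCRIPT_EXTENSIONS = {".php", ".phtml", ".php5", ".phar"}


def scan_wp_content(root, recent_hours=24, now=None):
    """Walk a wp-content tree and return indicators, each a sorted list of paths
    relative to root: php_in_uploads, world_writable, recently_modified."""
    now = time.time() if now is None else now
    findings = {"php_in_uploads": [], "world_writable": [], "recently_modified": []}
    uploads = os.path.join(root, "uploads")
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if os.lstat(path).st_mode & stat.S_IWOTH:
                findings["world_writable"].append(os.path.relpath(path, root))
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            ext = os.path.splitext(name)[1].lower()
            if ext in SCRIPT_EXTENSIONS and path.startswith(uploads + os.sep):
                findings["php_in_uploads"].append(rel)
            if now - os.lstat(path).st_mtime < recent_hours * 3600:
                findings["recently_modified"].append(rel)
    for key in findings:
        findings[key].sort()
    return findings


def build_sample_tree():
    """Construct a throwaway wp-content tree (constructed data, not a real site):
    a theme, a plugin and an old photo, plus a freshly planted phishing kit."""
    root = tempfile.mkdtemp(prefix="wp-content-")
    month_ago = time.time() - 30 * 86400
    layout = {
        "themes/twentyfourteen/style.css": month_ago,
        "plugins/akismet/akismet.php": month_ago,
        "uploads/2014/02/photo.jpg": month_ago,
        "uploads/2014/02/apple/signin.php": None,   # planted: keeps current mtime
        "uploads/2014/02/apple/index.html": None,
    }
    for rel, mtime in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("sample")
        if mtime is not None:
            os.utime(path, (mtime, mtime))
    # Normalise modes so the result does not depend on the caller's umask,
    # then reproduce the common mis-hardening of a chmod 777 uploads directory.
    for dirpath, _, filenames in os.walk(root):
        os.chmod(dirpath, 0o755)
        for name in filenames:
            os.chmod(os.path.join(dirpath, name), 0o644)
    os.chmod(uploads_dir := os.path.join(root, "uploads"), 0o777)
    return root


if __name__ == "__main__":
    for indicator, paths in scan_wp_content(build_sample_tree()).items():
        print(indicator, paths)
```

On a real host, point scan_wp_content at the site's wp-content directory and review anything it lists; a PHP file under uploads that you did not put there is almost always a web shell or a phishing page.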

Sixty percent of the phishing sites that served scams from a wp-admin directory targeted Apple customers, while PayPal users were targeted by 25 percent of phishing sites.

How to remove WordPress malware

As with any other malware, there is no one-size-fits-all cure for an infected WordPress site, but a few measures help during and after an attack.

  1. Change the passwords for FTP, cPanel and Plesk access, and replace the secrets stored in wp-config.php (the database password and the authentication keys and salts), since an attacker who read that file has them.
  2. Always keep a recent backup of your website; some hosting companies do this for you, but verify that the backup exists and predates the infection.
  3. Regularly check for tampering: the .htaccess file, scripts and iframes injected into the database, and the folders of the WordPress installation (core files, themes, plugins and uploads).
  4. Use Google Chrome's malware warnings and Google Webmaster Tools to learn when your site has been flagged for serving malware or phishing.
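Step 3 is the one that is hard to do by eye, so here is an added example (not code from the article or from WordPress) that automates its three checks: core files are compared against a manifest of known-good MD5 hashes, reporting modified, missing and unexpected files; the .htaccess file is searched for redirects that fire only for visitors arriving from a search engine or with a particular user agent, the classic way an infected site hides the scam from its owner; and post content is searched for iframes hidden by size or style. The sample install, .htaccess and post content are all constructed for the example.

```python
import hashlib
import os
import re
import tempfile


def verify_checksums(root, manifest):
    """Compare files under root with manifest {relative_path: md5hex}.
    Returns sorted lists of modified, missing and extra (unlisted) paths."""
    result = {"modified": [], "missing": [], "extra": []}
    present = set()
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            present.add(rel)
            if rel not in manifest:
                result["extra"].append(rel)
                continue
            with open(path, "rb") as fh:
                if hashlib.md5(fh.read()).hexdigest() != manifest[rel]:
                    result["modified"].append(rel)
    result["missing"] = [p for p in manifest if p not in present]
    for key in result:
        result[key].sort()
    return result


URL_RE = re.compile(r"https?://[^\s\]]+")
CONDITIONAL_RE = re.compile(r"HTTP_REFERER|HTTP_USER_AGENT", re.I)


def scan_htaccess(text):
    """Flag RewriteRule/Redirect lines that send visitors to an external URL
    only when a preceding RewriteCond keys on referrer or user agent."""
    findings, conditions = [], []
    for line in text.splitlines():
        line = line.strip()
        if line.upper().startswith("REWRITECOND"):
            conditions.append(line)
        elif line.upper().startswith(("REWRITERULE", "REDIRECT")):
            url = URL_RE.search(line)
            if url and any(CONDITIONAL_RE.search(c) for c in conditions):
                findings.append(f"conditional external redirect to {url.group(0)}")
            conditions = []   # conditions apply only to the next rule
    return findings


IFRAME_RE = re.compile(r"<iframe\b[^>]*>", re.I)
HIDDEN_RE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|(?:width|height)=[\"']?0\b", re.I)


def find_hidden_iframes(html):
    """Return iframe tags that are zero-sized or styled invisible."""
    return [m.group(0) for m in IFRAME_RE.finditer(html) if HIDDEN_RE.search(m.group(0))]


def build_sample_install():
    """Construct a tiny fake install and its manifest (constructed data): one core
    file tampered with, one removed, and one phishing page added."""
    root = tempfile.mkdtemp(prefix="wp-")
    clean = {
        "wp-includes/version.php": b"<?php $wp_version = '3.8.1';",
        "wp-admin/index.php": b"<?php require_once 'admin.php';",
        "wp-login.php": b"<?php // login form",
    }
    manifest = {rel: hashlib.md5(data).hexdigest() for rel, data in clean.items()}
    on_disk = dict(clean)
    on_disk["wp-admin/index.php"] += b" eval(base64_decode('...'));"   # tampered
    del on_disk["wp-login.php"]                                          # missing
    on_disk["wp-admin/apple/signin.php"] = b"<?php // phishing kit"      # extra
    for rel, data in on_disk.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
    return root, manifest


SAMPLE_HTACCESS = """RewriteEngine On
RewriteCond %{HTTP_REFERER} (google|bing|yahoo) [NC]
RewriteRule ^.*$ http://evil.example/login.php [R=302,L]
RewriteRule ^index\\.php$ - [L]
"""

SAMPLE_POST = """<p>Welcome back.</p>
<iframe src="http://evil.example/drive-by" width="0" height="0" style="display:none"></iframe>
<iframe src="https://www.youtube.com/embed/abc" width="560" height="315"></iframe>
"""
```

For a real site the manifest comes from WordPress.org, which publishes MD5 checksums for every core release (the same data WP-CLI's wp core verify-checksums uses); wp-content is not covered by those checksums, so themes, plugins and uploads need the file-system checks instead. Run scan_htaccess on every .htaccess in the tree, not just the top-level one, and find_hidden_iframes over post_content exported from the wp_posts table.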


Copyright © 2023 · All Rights Reserved