• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Write for Us
  • Contact
  • Advertise
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Do Not Sell My Personal Information
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

WordPress compromise led to huge phishing wave

Updated on Mar 27, 2014 by Guest Authors

Chances are, your WordPress-hosted site has been compromised and you have not yet sensed it.

Security research firm Netcraft has found that almost 12,000 sites running WordPress blogging have been used to spread phishing attacks and malware in February alone. The report does not come as a surprise, however. A vast majority of approximately 30 million domains hosted on WordPress naturally will fall prey to phishing scams due to the easily predictable default username “admin” and the publicly common interface for site administrators, the “wp-admin” or “wp-content”. Perhaps the issue can be helped if WordPress users are given a default username and password that are more difficult to predict – unique combinations of letters and figures.

wordpress-compromise

Site owners are also partly liable. When bloggers download the WordPress software and implement it, a cardinal rule is to keep the tool secure and updated. However, this is not always the case. Many are annoyed by the manual process of upgrading to newer versions of WordPress.

It was not until the release of  version 3.7 of WordPress that websites are able to automatically update themselves on certain conditions and settings. The process is still not immune to zero-day attacks, where hackers work their way through an unreported vulnerability to control the whole WordPress update installation backdoor or modify the settings to block future security updates – all without the site owner knowing that this is happening.

Netcraft’s statistics shows that most of the phishing content is most commonly located in the wp-content directory, where contents of the users are stored, and which is always writable by the web server process, effectively giving access to would-be attackers to drop malicious files in this directory. In other cases, external users can also write in the wp-includes and wp-admin directories if a WordPress installation is not hardened and the plugins outdated.

Sixty percent of phishing websites also distributed scams to Apple through the wp-admin directory while PayPal users were targeted by 25 percent of phishing sites.

How to remove WordPress malware

Like all other malware, there is no one-size-fits-all solution to the one infecting WordPress sites. But some helpful tips might be of help during or after an attack.

  1. Change the passwords for the FTP, cpanel and plesk access, as well as overwrite the file contained in the wp-config.php.
  2. Always maintain the latest backup for your website, though some hosting companies already do this task themselves.
  3. Regularly check the following for compromise: .htaccess file, database scripts and iframes, folders associated with WordPress installations
  4. Detect malware problems using the Google Chrome and Google Webmaster tools.

Disclosure: As an Amazon Associate, I earn from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

Phomemo PM-246 Pro Thermal Label Printer Review – Huge Savings for Online Sellers

59S Handheld UV light Sterilizer Wand (X5) Review

Why I Bought the 2nd Autonomous Kinn Chair with Mesh?

Autonomous AvoChair Ergonomic Office Chair Review – A Well-Built and Cute Looking Chair But …

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Phomemo PM-246 Pro Thermal Label Printer Review – Huge Savings for Online Sellers
  • 59S Handheld UV light Sterilizer Wand (X5) Review
  • 360 S9 Robot Vacuum and Mop Review – More Affordable LiDAR Robot
  • How to Add Continuation Pages with Form 8938 in H&R Block (Reporting Multiple Foreign Accounts)

Copyright © 2021 · All Rights Reserved