topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Sunday December 15, 2024, 6:02 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Malware uptick using WordPress Exploit  (Read 4082 times)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,914
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Malware uptick using WordPress Exploit
« on: September 18, 2015, 08:08 AM »
If you run a WordPress site, make sure it's updated and secure..

From ArsTechnica today:

Attackers have hijacked thousands of websites running the WordPress content management system and are using them to infect unsuspecting visitors with potent malware exploits, researchers said Thursday.

The campaign began 15 days ago, but over the past 48 hours the number of compromised sites has spiked, from about 1,000 per day on Tuesday to close to 6,000 on Thursday,


TaoPhoenix

  • Supporting Member
  • Joined in 2011
  • **
  • Posts: 4,642
    • View Profile
    • Donate to Member
Re: Malware uptick using WordPress Exploit
« Reply #1 on: September 18, 2015, 08:51 AM »

And it's not just some random even high profile site, but the sheer number makes for minimum 12,000 person-hours of repair and update just the servers, times a fully-valued $25 per man hour, that's $150,000 in damages not counting any of the other things-times-6000 that need to be done!

:o

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,778
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Malware uptick using WordPress Exploit
« Reply #2 on: September 18, 2015, 02:10 PM »
So what's the solution here? Nothing in that article stated whether the latest version of WordPress was vulnerable or not.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Malware uptick using WordPress Exploit
« Reply #3 on: September 18, 2015, 05:44 PM »
If you run a WordPress site, make sure it's updated and secure..
If you're running a WordPress site, switch to something else.

They've had way too many security incidents - I doubt they'll ever produce anything secure.
- carpe noctem