Slashdot Mirror


WordPress Hacks Behind Surging Neutrino EK Traffic

msm1267 writes: More than 2,000 websites running WordPress have been compromised and are responsible for a surge this week in traffic from the Neutrino Exploit Kit. Attacks against sites running older versions of the content management system, 4.2 and earlier, were spotted by Zscaler. Those sites are backdoored and redirect a victim's browser through iframes to a landing page hosting the exploit kit where a Flash exploit awaits. The exploits generally target Internet Explorer, Zscaler said, and victims' computers are eventually infected with CryptoWall 3.0 ransomware. This analysis is in line with a similar report from the SANS Institute, which pointed the finger at a particular cybercrime group that had steered away from using the prolific Angler Exploit Kit and moved operations to Neutrino.

2 of 51 comments

  1. WordPress is a security problem by mwvdlee · · Score: 5, Insightful

    I know I'm going to catch flak for this.

    WordPress and all of its plugins and themes are a huge target for hackers and reliably available online.
    The main problem is that users don't regularly update, or rather that they can't in many cases.
    That is, assuming the plugins are updated for security holes at all.

    I wouldn't be surprised if hackers had databases of the exact versions, plugins and themes of millions of WordPress installations.
    Just wait for a new public disclosure, replicate the exploit and attack the matching sites in your database.
    They could have hundreds of freshly hacked WP sites every week.
    These sites may only stay hacked for a few days or weeks, but it's simple economics.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    1. Re:WordPress is a security problem by John Bokma · · Score: 3, Insightful

      4.2 is considered older in the summary. According to Wikipedia: "4.2 (Powell) 23 April 2015". I doubt many people update each and every time.

      By the way, I just don't get:

      mysql> GRANT ALL PRIVILEGES ON databasename.* TO "wordpressusername"@"hostname" IDENTIFIED BY "password";

      WordPress is not the only software to do this. And MySQL does support multiple users, each with different rights. I don't get why a visitor of a website indirectly accesses the database with rights to drop all tables, modify all tables ...
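
The split the comment above asks for, as an added example that is not part of the original post or of WordPress's own documentation: the account used by page requests gets data read/write only, and a separate account holds the schema-changing rights. It assumes MySQL 8.x syntax and that the runtime account from the quoted GRANT already exists; `wordpressadmin` and the passwords are hypothetical placeholders.

```sql
-- Added example. databasename / wordpressusername / hostname are the
-- placeholders from the comment above; wordpressadmin is hypothetical.

-- 1. Strip the blanket grant from the runtime account, i.e. the account whose
--    credentials are used for every visitor's page request.
REVOKE ALL PRIVILEGES ON databasename.* FROM 'wordpressusername'@'hostname';

-- 2. Give it back only row-level read/write. It can no longer DROP or ALTER
--    tables, so a compromised request path cannot change or destroy the schema.
GRANT SELECT, INSERT, UPDATE, DELETE
  ON databasename.* TO 'wordpressusername'@'hostname';

-- 3. Separate maintenance account for upgrades and plugin installs that need
--    schema changes. Restrict it to local connections and use it only for
--    those operations, not for serving traffic.
CREATE USER 'wordpressadmin'@'localhost' IDENTIFIED BY 'CHANGE_ME';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP
  ON databasename.* TO 'wordpressadmin'@'localhost';

-- 4. Verify: the runtime account should list exactly the four DML privileges
--    on databasename.* and nothing at the global (*.*) level beyond USAGE.
SHOW GRANTS FOR 'wordpressusername'@'hostname';
SHOW GRANTS FOR 'wordpressadmin'@'localhost';
```

Upgrades or plugins that create or alter tables will fail under the runtime account, which is the intended signal to run them with the maintenance credentials.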