Backdoors Found In Popular WordPress Themes And Plugins
Over 300,000 WordPress sites have been left vulnerable and open to attack, following the discovery of a supply chain attack.
Bleeping Computer reports that cybersecurity researchers at Jetpack, a security and optimisation tool for WordPress, found that a malicious actor had compromised AccessPress Themes, a developer of themes and add-ons for the CMS platform.
AccessPress Themes has a portfolio of 40 themes and 53 plugins; all of the free ones are reported to have been compromised so that, once installed, they give cybercriminals full control over the website.
According to the report, the researchers did not test commercial plugins or themes and are as yet unable to confirm if they have also been compromised.
The report also states that the malicious code granting attackers access covers its tracks with relative success. The only way to discover whether a site was compromised, it was said, is to use a core file integrity monitoring solution.
Selling the vulnerability online
The researchers found that the backdoor was used to redirect visitors to malware-installing and scam sites. The lack of sophistication in this second stage of the attack has led researchers to believe that the original malicious actors likely sold access to third parties on the dark web.
The vulnerability affects 360,000 websites that use AccessPress Themes’ add-ons and themes. It was discovered by Jetpack in September last year; the affected products were pulled from the store by the developer and replaced with updated, clean versions on 17 January.
However, if the site has already been compromised, simply installing the latest version will not remove the backdoor; it will only prevent future attacks. At present, the only way to clean up the site is to migrate to a different theme.
To learn if your site was compromised, WordPress users can follow the instructions found here.
If you’re looking for web development in Hull, get in touch today.