WordPress World-Wide Hacking Spree Begins With The Plugin Bug that Uploads Malicious Files

WordPress is currently attacked by a new plugin bug, triggering an internet-wide hacking spree. On Friday, Sept. 4, Defiant, the company behind the Wordfence web firewall, said that millions of WordPress sites were attacked and probed this week.

The total number of breached sites is more than half of the number of WordPress sites using the WordFence web firewall. However, since WordPress is installed in hundreds of millions of sites, Gall concludes that the attacks' true scale is even greater than what they've recorded.

Hackers could still be attacking and probing other WordPress websites. To prevent further breaches, the File Manager developer team developed and released a patch for the zero-day, the same day it discovered the attacks.

Some websites already downloaded the patch, while others are still lagging. Because of their slowness in patching, the WordPress developer team added an "auto-update" feature for WordPress plugins and themes. The site owners can configure plugins and themes in WordPress 5.5.

They can auto-update themselves every time a new update is released to make sure that their websites have the latest version of plugin or theme, that would help them prevent further attacks.

For more news updates about WordPress attacks, always keep your tabs open here at TechTimes.

This article is owned by TechTimes,

Written by: Giuliano de Leon.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics