Cryptolocking WordPress Plugin Locks Up Blog Posts

[silversurfer]

Content source

https://threatpost.com/cryptolocking-wordpress-plugin/147016/

A malicious WordPress plugin ironically called WP Security has been spotted in the wild encrypting blog posts and rendering the content unreadable. It’s capable of targeting individual posts — an unusual behavior, according to researchers.

According to analysis from Sucuri, the plugin obtains a list of all of the posts within the system and encrypts them with keys, using the AES-256-CBC method and the openssl_encrypt function. The posts are encrypted inside the database, but only the actual post content is encrypted— everything else is untouched. A log file is then generated with a list of the encrypted posts.

“This is the first time we’ve seen a plugin target specific blog posts on a website, but it’s possible that we’ll see this more often in the coming months,” Sucuri researcher Kasimir Konov said in a blog posting on Monday.

Read more below:

Cryptolocking WordPress Plugin Locks Up Blog Posts

A new type of malicious plugin has been spotted in the wild with the capability of targeting individual blog posts.

threatpost.com

Malicious Plugin Used to Encrypt WordPress Posts

Our security analyst describes how a malicious WordPress plugin is using the ‘AES-256-CBC’ method to encrypt post content.

blog.sucuri.net