silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,168
Read more below:A malicious WordPress plugin ironically called WP Security has been spotted in the wild encrypting blog posts and rendering the content unreadable. It’s capable of targeting individual posts — an unusual behavior, according to researchers.
According to analysis from Sucuri, the plugin obtains a list of all of the posts within the system and encrypts them with keys, using the AES-256-CBC method and the openssl_encrypt function. The posts are encrypted inside the database, but only the actual post content is encrypted— everything else is untouched. A log file is then generated with a list of the encrypted posts.
“This is the first time we’ve seen a plugin target specific blog posts on a website, but it’s possible that we’ll see this more often in the coming months,” Sucuri researcher Kasimir Konov said in a blog posting on Monday.
Cryptolocking WordPress Plugin Locks Up Blog Posts
A new type of malicious plugin has been spotted in the wild with the capability of targeting individual blog posts.
threatpost.com
Malicious Plugin Used to Encrypt WordPress Posts
Our security analyst describes how a malicious WordPress plugin is using the ‘AES-256-CBC’ method to encrypt post content.
blog.sucuri.net