Fake WordPress Plugin Comes with Cryptocurrency Mining Function

silversurfer · Oct 18, 2019

Malicious plugins for WordPress websites are being used not just to maintain access on the compromised server but also to mine for cryptocurrency.

Researchers at website security company Sucuri noticed the number of malicious plugins increase over the past months. The components are clones of legitimate software, altered for nefarious purposes.

One of the plugins discovered by Sucuri to have a double purpose is a clone of "wpframework." It was found in September and attackers used it to "gain and maintain unauthorized access to the site environment," the researchers say.

Fake WordPress Plugin Comes with Cryptocurrency Mining Function

Malicious plugins for WordPress websites are being used not just to maintain access on the compromised server but also to mine for cryptocurrency.

www.bleepingcomputer.com

silversurfer · Oct 19, 2019

Hackers Backdoor Sites by Hiding Fake WordPress Plugins

Malicious plugins that hide in plain sight and act as backdoors are used by attackers to gain and maintain a foothold on WordPress websites, and to upload web shells and scripts for brute-forcing other sites.

www.bleepingcomputer.com

Search

Fake WordPress Plugin Comes with Cryptocurrency Mining Function

silversurfer

Super Moderator

Fake WordPress Plugin Comes with Cryptocurrency Mining Function

silversurfer

Super Moderator

Hackers Backdoor Sites by Hiding Fake WordPress Plugins

Similar threads