Is Your WordPress Website Secure?

Marc Avila

Like any other website platform and content management system, WordPress is vulnerable to hackers, malware and other security threats. Over the past few weeks, a malware campaign has been targeting WordPress sites and placing their visitors at risk. If you haven’t already, you should check with your website maintenance team and see if your site has been compromised. If it has, they’ll need to take steps to address the problem. If it hasn’t, they should take extra precautions to keep the site safe.

Read on to learn more about the latest malware attacks and WordPress website security.

Debunking the 5 Big Myths About WordPress. The Huffington Post: “Myth No. 2: WordPress isn’t secure. With over 60 million websites, this system is certainly targeted by hackers. The vast majority get blocked. WordPress comes with robust security plugins, which are particularly useful for sites hosting ecommerce or other sensitive client information. And those plugins, along with other security measures, are only getting stronger. Last month’s update, for example, includes enhanced password security features. Password reset links will now only stay live for a limited time and passwords themselves will never end up in inboxes — a feeding ground for hackers. WordPress will even advise individual users on the safest possible password. And even those scant few successful breaches don’t mean WordPress is any less secure than rival platforms. The websites of CitiGroup, Google, and Zappos don’t run on WordPress and have also been hacked or attacked. Regular, common-sense precautions — like avoiding ‘password’ as your password — will protect average users from any shenanigans.”

Active WordPress Malware Campaign Compromises Thousands of Websites. ZDNet: “A new, active malware campaign has compromised thousands of WordPress websites in a matter of days, placing visitors at risk. The new campaign, detected by SucuriLabs, began 15 days ago but the rate of compromised websites has spiked in the last few days, according to the security firm’s CTO Daniel Cid. From the 15th to 17th of this month, the rate of infection has surged from 1,000 compromised websites a day to approximately 6,000 — and we are yet to see if this uptake slows down. The hijacked websites are being compromised with the “visitorTracker_isMob” malware which redirects as many visitors as possible to a landing page infected with a Nuclear Exploit Kit. The landing page is constantly changed but contains the same exploit.”

Hijacked WordPress Websites Infect Visitors With Malware. Hacked: “The attackers, according to the report by Sucuri, exploit vulnerabilities in the plugins of WordPress, but this claim has not been confirmed.

Google has launched a service that blacklists the compromised websites and warns users before they visit them. 17% of the websites infected by the campaign have already been blacklisted. One stunning piece of information is that the attackers have managed to gain access of Coverity, a security provider, and are using it for their redirection mechanism. The detailed report by Sucuri highlights all the details of the VisitorTracker campaign as it has been named by the website due to a function in the javascript file called visitorTracker_isMob(). They advise WordPress users to keep all their plugins updated in order to prevent themselves from being attacked by this malicious campaign. The report also provides website owners a Sucuri scanning tool to check whether their website has been affected by the VisitorTracker campaign.”

Compromised WordPress Sites Redirect Visitors to Nuclear Exploit Kit. SC Magazine: “According to the post, Sucuri is referring to the threat as the VisitorTracker campaign due to the function name in the malware code that is added to all JavaScript files on the compromised websites. The malware code ‘interacts with a secondary backdoor inside the site to force the browser to load a malicious iframe from one of their Nuclear Exploit Kit landing pages,’ the post said, noting that the landing page domain changes very often. Cid said the Nuclear Exploit Kit – which is typically used to infect vulnerable systems with malware – attempts to exploit vulnerabilities in a variety of products, including Flash, Java, QuickTime, and Adobe Reader.

‘Out of all the sites we detected to be compromised, 17 [percent] of them already got blacklisted by Google and other popular blacklists,’ the post said. ‘If you are a WordPress user, make sure you keep all your plugins updated, including premium ones.’”

My WordPress Website Was Hacked; How Do I Fix It? PostCrescent.com: “However local website developers are frequently contacted by companies who need assistance because their WordPress website was hacked. Typical symptoms are: The WordPress website is not showing up. Text and links have been maliciously added or the content has been replaced on the website. The home page is now redirected to a page announcing to the world that the site is hacked. Phishing/pharming pages have been installed into the website. Before you make that reactionary phone call to your hosting provider, we recommend you follow these steps. If you do a restore from backups prior to doing your homework, you may remove the evidence you need to track down the source of the compromise. This could lead to your site being compromised again.”

 

8 ways to get the most out of WordPress

Related Posts
SEO Considerations to Incorporate During a Website Redesign
Why Did INBOUND17 Rock?
3 Ways to Unlock Content Insights Using Google Analytics