Online security can be quite a challenge to maintain these days actually, and it does not help when users are less than knowledgeable. In fact, approximately 50,000 sites have been allegedly hit by backdoors no thank to malware that target a popular and vulnerable WordPress plugin, at least according to Daniel Cid, a researcher. Daniel Cid is the founder of Sucuri, and he claims that the malware has the ability to infect just about any site which resides on the server of a hacked WordPress website. This particularly flawed plugin would enable anyone with malicious intent to “inject anything” into sites, and this would range from spam to defacing the site itself and malware.
Some 50,000 sites have been sprayed with backdoors from shonky malware targeting a popular and vulnerable WordPress plugin, according to researcher Daniel Cid. Sucuri founder Cid says the bodged malware can infect any site that resides on the server of a hacked WordPress website. The flawed plugin allowed attackers to “inject anything” into sites including malware, defacements and spam. “The malware code had some bugs: it was breaking many websites, overwriting good files and appending various statements in loops at the end of files,” Cid said in a blog. “All the hacked sites were either using MailPoet or had it installed on another sites within the same shared account — cross-contamination still matters. “To be clear, the MailPoet vulnerability is the entry point, it doesn’t mean your website has to have it enabled or that you have it on the website; if it resides on the server, in a neighbouring website, it can still affect your website.” Cid urged WordPress sites to update their vulnerable plugins. Admins could look for an obvious sign of infection with the error: “Parse error: syntax error, unexpected ‘)’ in /home/user/public_html/site/wp-config.php on line 91”. More technical detail was available on the Sucuri blog.