Massive WordPress keylogger snooping highlights the risks of using malicious Plugins

WordPress is the most popular tool for building marketing websites and even fully fledged web applications like social networks using BuddyPress and eCommerce sites using WooCommerce. Unfortunately the sprawling ecosystem is an issue that the WordPress community finds hard to contain.

With immense popularity, a large user base and somewhat shoddy architecture WordPress is a tempting target for foul play. The core software has automatic updates, that properly used would have prevented the Mossac Fonseca leak where WordPress had a part to play.

Avoid excessive use of WordPress plugins for security

Whether or not unmaintained Open Source was a reason for the Panama Papers leak does not mitigate the fact that the ecosystem of WordPress is a bit of a wild west. The secure core of WordPress does not do good if insecure third party plugins are used. The plugins are the real strength of WordPress, but also it’s biggest weakness.

Now there is a report that over 2,000 WordPress installations admin interfaces are compromised according to Ars Technica:

More than 2,000 websites running the open source WordPress content management system are infected with malware, researchers warned late last week. The malware in question logs passwords and just about anything else an administrator or visitor types.- More than 2,000 WordPress websites are infected with a keylogger

This is a follow up to the cleanup done of some 5,500 malicious plugins together with Sucuri and CloudFlare in December 2017. With the rise of Blockchain based cryptocurrencies, the current flavour of attacks also use users’ browsers to mine Bitcoin for a direct financial gain.

In 2018 WordPress remains as dominant as ever, but users should take care of keeping their installation up-to-date and avoid installing WordPress Plugins that are not well known and acknowledged. Especially illegally obtained commercial plugins are very likely to contain malicious code.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s