Cyber security news for all


    Attacks on WordPress: Millions of Accounts Affected

    WordPress sites are currently being targeted by threat actors who are trying to compromise them. The main aim of these attacks is to redirect visitors to malicious advertising (malvertising).

    Wordfence analysts have reported that this is not the first time these attacks on WordPress have happened. However, they are concerned because this is the first time the attacks have come in such frightening quantities and in such a short time.

    An Insight

    While most of the previously attacked vulnerabilities in the WordPress system have been fixed, it is easy to trace an apparent interest in these particular sites.

    Across the various attacks on WordPress over more than a year, the payload the attackers have been trying to inject has stayed the same. This has led the analysts to believe that the threats might all be coming from the same threat actor.

    The JavaScript they are trying to inject has long been redirecting unsuspecting users to malvertising. The attackers have been trying to create a PHP backdoor in the theme’s header file so they can install the JavaScript malware. The analysts have predicted similar attacks on vulnerabilities in other themes and plugins.

    A Possible Solution – How To Handle This

    WordPress analysts have strongly recommended installing and running a web application firewall, although they have great faith in their newest plugin versions.

    K2 Cyber Security emphasized that perimeter security tools like WAFs require a lot of tuning to make them effective at protecting applications. Besides, most companies don’t have the security resources needed to do a proper job.

    For most, the safest way to secure themselves is to keep plugins and themes up to date, and to delete plugins that are no longer in use and those that have been removed from the WordPress plugin repository.

    With the indicators of a compromised site that Wordfence has provided, administrators can check relatively easily whether or not they have been attacked.
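Because the attacks described above plant a PHP backdoor in the theme's header file, one complementary check is to baseline those files while the site is known to be clean and audit them afterwards. The script below is an added example, not code from Wordfence or from the original article; the `wp-content/themes/*/header.php` layout, the function names and the heuristic patterns are assumptions and are not the indicators Wordfence published.

```python
import hashlib
import json
import re
import sys
from pathlib import Path

# Heuristics chosen for this example (assumptions, not Wordfence's indicators):
# dynamic code execution on decoded or request-supplied data inside a template.
SUSPICIOUS = {
    "exec of decoded data": re.compile(
        rb"\b(eval|assert)\s*\(\s*(base64_decode|gzinflate|str_rot13)\s*\(", re.I),
    "exec of request data": re.compile(
        rb"\b(eval|assert|system|passthru|shell_exec)\s*\(\s*\$_(GET|POST|REQUEST|COOKIE)", re.I),
}

def header_files(wp_root):
    """Yield (relative_path, bytes) for every installed theme's header.php."""
    root = Path(wp_root)
    for path in sorted((root / "wp-content" / "themes").glob("*/header.php")):
        yield str(path.relative_to(root)), path.read_bytes()

def build_baseline(wp_root):
    """Record SHA-256 hashes of the header files while the site is known clean."""
    return {rel: hashlib.sha256(data).hexdigest() for rel, data in header_files(wp_root)}

def audit_headers(wp_root, baseline):
    """Return {relative_path: [findings]} for new, changed or suspicious headers."""
    report = {}
    for rel, data in header_files(wp_root):
        findings = []
        if rel not in baseline:
            findings.append("not in baseline")
        elif hashlib.sha256(data).hexdigest() != baseline[rel]:
            findings.append("hash changed")
        findings += [label for label, pat in SUSPICIOUS.items() if pat.search(data)]
        if findings:
            report[rel] = findings
    return report

if __name__ == "__main__":
    # Usage: script.py <wordpress_root> <baseline.json>
    wp_root, baseline_file = sys.argv[1], Path(sys.argv[2])
    if baseline_file.exists():
        result = audit_headers(wp_root, json.loads(baseline_file.read_text()))
        print(json.dumps(result, indent=2))
        sys.exit(1 if result else 0)
    baseline_file.write_text(json.dumps(build_baseline(wp_root), indent=2))
```

Store the baseline file outside the web root, and rebuild it after each legitimate theme update so that expected changes are not reported.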
