Get unlimited access. Save 70% when you subscribe today.

SmartCompany
Icon

Search

Create a free account, or log in

Technology

30,000 WordPress sites compromised in new wave of attacks

A new wave of attacks on websites running the WordPress content management system has led to 30,000 sites being hijacked by a cybercriminal gang. According to NetworkWorld, the hijacked websites contain pages that redirect users to drive-by attack sites. Researchers at Websense detailed the findings in a blog post. Researchers from security firm Sucuri found that […]
Andrew Sadauskas
Andrew Sadauskas
Icon

Share

A new wave of attacks on websites running the WordPress content management system has led to 30,000 sites being hijacked by a cybercriminal gang.

According to NetworkWorld, the hijacked websites contain pages that redirect users to drive-by attack sites.

Researchers at Websense detailed the findings in a blog post.

Researchers from security firm Sucuri found that a rogue plug-in named ToolsPack (which is known to contain a backdoor used by attackers) was installed on many of the compromised sites, while others used weak passwords or were running outdated versions of WordPress.

Users running WordPress are strongly advised to use strong passwords, update to the latest version of WordPress, and to be wary of the plug-ins they install.

About the author

Andrew Sadauskas

Andrew Sadauskas is a former journalist at SmartCompany and a former editor of TechCompany.

Similar topics

information technology
malware
wordpress

Recommended for you