Security News > 2020 > February > Free trojanized WordPress themes lead to widespread compromise of web servers

Free trojanized WordPress themes lead to widespread compromise of web servers
2020-02-19 15:28

Over 20,000 web servers have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion researchers have discovered.

They are taking advantage of the widespread use of the WordPress content management system, an increased demand for premium themes and victims' lack of security awareness to get them to unknowingly compromise their own web servers.

To do that, they've set up as many as 30 websites that ostensibly offer thousands of free, pirated WordPress themes and plugins and hosted the trojanized themes and plugins on them - among the most popular ones were Ultimate Support Chat, WooCommerce product filter and Slider Revolution.

Oblivious victims download and install the trojanized packages, which drop malicious files that allow the criminals to gain full control over the web server.

The researchers named the malicious sites offering the trojanized themes and offered indicators of compromised that can help organizations check and detect whether their web servers have been compromised.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/yYAjxZCRZ8c/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 7 2 93 44 18 157
Free 9 0 3 1 3 7