Security News > 2020 > June > Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend.
The campaign unsuccessfully attempted to exploit old cross-site scripting vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials.
By downloading the sites' configuration files, an attacker would gain access to the site's database, where site content and credentials are stored, said researchers with Wordfence who spotted the attack.
Between May 29 and May 31, researchers observed over 130 million attacks targeting 1.3 million sites.
"If your server is configured to allow remote database access, an attacker with your database credentials could easily add an administrative user, exfiltrate sensitive data, or delete your site altogether. Even if your site does not allow remote database access, an attacker who knows your site's authentication keys and salts may be able to use them to more easily bypass other security mechanisms."
News URL
https://threatpost.com/attackers-target-1m-wordpress-sites-to-harvest-database-credentials/156255/