Recently, a new type of Linux malware was discovered that targets WordPress websites, exploiting over two dozen flaws in Content Management Systems (CMS), including WordPress. This malicious software has the potential to cause significant damage to any website it is deployed on.
The malware primarily targets websites running on the Linux platform, and the flaws it exploits are often used to inject malicious code into a website’s source code. This code can then be used to steal user data, gain access to sensitive information, and even launch distributed denial of service (DDoS) attacks.
The WordPress plugins and themes targeted are listed below.
- WP Live Chat Support
- Yuzo Related Posts
- Newspaper (CVE-2016-10972)
- Thim Core
- FV Flowplayer Video Player
- WooCommerce
- Coming Soon Page & Maintenance Mode
- Onetone
- Simple Fields
- Social Metrics Tracker
- WPeMatico RSS Feed Fetcher
- Rich Reviews
- WordPress Ultimate FAQ (CVE-2019-17232 and CVE-2019-17233)
- WP-Matomo Integration (WP-Piwik)
- ND Shortcodes
- WP Live Chat
- Coming Soon Page and Maintenance Mode
- Total Donations
- Post Custom Templates Lite
- WP Quick Booking Manager
- Live Chat with Messenger Customer Chat by Zotabox
- Blog Designer
- Hybrid
- Brizy
- Yellow Pencil Visual CSS Style Editor
- Easy WP SMTP
- WP GDPR Compliance
- Delucks SEO
- Poll, Survey, Form & Quiz Maker by OpinionStage
Fortunately, there are a few steps that website owners and administrators can take to protect their sites from malicious software. The first is to ensure that all WordPress plugins and themes are up to date. Additionally, it is important to keep all WordPress core files up to date to ensure that the latest security patches are applied.
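One way to check an installation against the list above, as an added example that is not part of the original article: the script reads the `Plugin Name` / `Theme Name` and `Version` headers that WordPress keeps in each plugin's PHP file and each theme's `style.css`, and reports installed items whose name matches a listed one. It assumes the installed header names match the names as written on this page; the demo tree, its directory names and its versions are constructed.

```python
import re
import tempfile
from pathlib import Path

# Names as listed on this page, "|"-separated because some contain commas.
TARGETED = """WP Live Chat Support|Yuzo Related Posts|Newspaper|Thim Core|FV Flowplayer Video Player|
WooCommerce|Coming Soon Page & Maintenance Mode|Onetone|Simple Fields|Social Metrics Tracker|
WPeMatico RSS Feed Fetcher|Rich Reviews|WordPress Ultimate FAQ|WP-Matomo Integration (WP-Piwik)|
ND Shortcodes|WP Live Chat|Coming Soon Page and Maintenance Mode|Total Donations|
Post Custom Templates Lite|WP Quick Booking Manager|Live Chat with Messenger Customer Chat by Zotabox|
Blog Designer|Hybrid|Brizy|Yellow Pencil Visual CSS Style Editor|Easy WP SMTP|WP GDPR Compliance|
Delucks SEO|Poll, Survey, Form & Quiz Maker by OpinionStage"""
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Theme Name|Version):(.*)$", re.I | re.M)

def norm(name):
    """Case- and punctuation-insensitive form of a name ('&' equals 'and')."""
    return re.sub(r"[^a-z0-9]+", " ", name.lower().replace("&", "and")).strip()

def read_headers(path):
    """Header fields from the first 8 KiB of the file; first occurrence wins."""
    text = path.read_bytes()[:8192].decode("utf-8", "replace")
    found = HEADER.findall(text)
    return {k.lower(): v.strip(" \t*/\r") for k, v in reversed(found)}

def audit(wp_content):
    """Return (directory, name, version) for installed items named in TARGETED."""
    wanted = {norm(n) for n in TARGETED.split("|")}
    root = Path(wp_content)
    files = sorted([*root.glob("plugins/*/*.php"), *root.glob("themes/*/style.css")])
    hits = []
    for path in files:
        h = read_headers(path)
        name = h.get("plugin name") or h.get("theme name")
        if name and norm(name) in wanted:
            hits.append((path.parent.name, name, h.get("version", "unknown")))
    return hits

def demo():
    samples = {  # constructed wp-content tree: directory names and versions are made up
        "plugins/plugin-a/a.php": "<?php\n/*\nPlugin Name: Easy WP SMTP\nVersion: 1.0.0\n*/",
        "plugins/plugin-b/b.php": "<?php\n/*\n * Plugin Name: Hello Example\n * Version: 2.1\n */",
        "themes/theme-a/style.css": "/*\nTheme Name: Onetone\nVersion: 3.0\n*/",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in samples.items():
            Path(tmp, rel).parent.mkdir(parents=True)
            Path(tmp, rel).write_text(body)
        return audit(tmp)

if __name__ == "__main__":
    print(demo())
```

Point `audit()` at a site's real `wp-content` directory and compare each reported version with the latest release from the plugin or theme vendor; a match on name alone means "review this", not "vulnerable".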
Another way to protect WordPress websites is to use a web application firewall (WAF). A WAF is a software-based security system that is designed to detect and block malicious traffic from entering a website. Many of the popular WAFs are capable of detecting and blocking malicious software.
Finally, it is essential to regularly back up a website’s data. This will ensure that any data lost due to malicious software can be recovered. Additionally, website owners should always use strong passwords and two-factor authentication to protect their sites from unauthorized access.
Conclusion
This Linux malware has the potential to cause serious damage to WordPress websites. However, website owners can take a few simple steps to protect their sites from malicious software. By keeping WordPress plugins and themes up to date, using a web application firewall, and regularly backing up data, website owners can help ensure that their sites remain secure.