Tuesday, 8 July 2025
31.3 C
Singapore
37.5 C
Thailand
25.6 C
Indonesia
29.3 C
Philippines

Over a million WordPress sites attacked by a hacker in a month

WordPress users are being asked to make sure that all their plug-ins are up-to-date after a 30-fold increase in attack traffic targeting majorly cross-site scripting vulnerabilities were detected by a researcher.  The surge in this malicious traffic over the last month peaked on May 3, 2020, when over 20 million attacks were attempted against over […]

WordPress users are being asked to make sure that all their plug-ins are up-to-date after a 30-fold increase in attack traffic targeting majorly cross-site scripting vulnerabilities were detected by a researcher. 

The surge in this malicious traffic over the last month peaked on May 3, 2020, when over 20 million attacks were attempted against over 500,000 individual sites, according to Ram Gall from Wordfence.

Over the past month, Wordfence, a security vendor, detected attacks on over 900,000 sites from more than 24,000 IP addresses, all of which appear to be from the same malicious hacker. That is because the attacker is attempting to inject a similar JavaScript payload to insert a backdoor into a victim website and redirect visitors.

The attacks seek to exploit a few cross-site scripting vulnerabilities in the Newspaper theme, Easy2Map plug-in, and the Blog Designer plug-in. It also targeted the WP GDPR Compliance plug-in as well as the Total Donations plug-in.

Gall warned that the hacker behind all this might be able to pivot other vulnerabilities in the future.

The JavaScript used to attack the sites is designed to redirect users who are not logged-in to a malvertising URL. If the users are logged-in, the JavaScript tries to inject a malicious backdoor into a user’s current theme’s header file alongside another JavaScript, aiming to take control of the site. 

“The most important thing you can do in a situation like this is to keep your plug-ins up-to-date and to deactivate and delete any plug-ins that have been removed from the WordPress plug-in repository. The vast majority of these attacks are targeted at vulnerabilities that were patched months or years ago, and in plug-ins that don’t have a large number of users,” Gall advised.

“While we did not see any attacks that would be effective against the latest versions of any currently available plug-ins, running a web application firewall can also help protect your site against any vulnerabilities that might have not yet been patched,” he added.

Hot this week

TikTok may dodge US ban with new app and ownership deal

TikTok could avoid a US ban with the launch of a new app on September 5 and a possible sale to non-Chinese investors, including Oracle.

Medow Health AI brings clinician-focused AI scribe to Singapore

Medow Health AI launches in Singapore with its real-time AI scribe to help doctors reduce admin tasks and improve clinical documentation.

E Ink transforms laptop touchpads into smart e-reader displays for AI use

E Ink’s new touchpad brings e-reader tech to laptops, offering a low-power screen for AI apps and assistants right under your fingertips.

Xiaomi opens new store at City Square Mall and launches Shopee presence in Singapore

Xiaomi opens its ninth store in Singapore at City Square Mall and launches its official Shopee store with promotional offers across both platforms.

DeepSWE, powered by Alibaba’s Qwen3-32B, outperforms rivals in global benchmark

Alibaba’s open-source Qwen model powers DeepSWE to global victory in AI agent rankings, signalling a shift in open-weight AI innovation.

Xiaomi Sound Pocket review: Small in size, big on sound

The Xiaomi Sound Pocket is a sleek, compact speaker with IP67 rating, smart tuning, and strong battery life for all-day listening.

Huawei defends AI model amid claims of using third-party code

Huawei denies using third-party models to train its latest AI, despite claims from a whistleblower and rising competition in China's tech sector.

AI will make cyber defence harder unless you think like a hacker

Cyber experts warn that AI is making cyber attacks smarter, urging firms to adopt a hacker mindset and prepare through simulations.

Persona 5: The Phantom X finally arrives in Southeast Asia

Persona 5: The Phantom X launches in Southeast Asia with a fresh story, fan-favourite characters, and a special event running until July 31.

Related Articles

Popular Categories