Thousands of Unpatched WordPress Sites Compromised from Highly-Exploited Vulnerabilities

Posted: February 7, 2017

Running a website has never been an easy task, despite claims made by some entities. Being a webmaster becomes harder still when your site is hit by a hacker who takes advantage of a discovered vulnerability. As it turns out, thousands of WordPress sites are vulnerable to attacks due to unpatched software that gives remote attackers unrestricted access to those sites, where they may steal data.

WordPress continues to be one of the most popular platforms for building blogs and other websites that require a content management system. There are countless versions of WordPress, the result of repairing bugs and fixing vulnerabilities over the course of its 10 years of existence. Because it is a free and open-source content management system (CMS) primarily based on PHP, there is no end to how hackers can attack sites running WordPress if the proper precautions aren't taken.

WordPress Sites Get Defaced And Leveraged To Send Spam

According to security firm Sucuri, thousands of unpatched WordPress sites have recently been exploited by thousands of hackers. Just two weeks ago, WordPress rolled out an essential security update to address three vulnerabilities. That update came just after a previous one, which left many users concerned about why so little time had passed between updates.

The WordPress vulnerability behind these attacks has allowed hackers to deface many sites and use them for spam. To attack as many unpatched WordPress sites as they can, hackers are performing mass scans and exploit attempts over the Internet. The scans and exploit attempts have uncovered over 60,000 sites, and each of them has been compromised thus far.

Don't Be A Victimized Webmaster By Leaving Your WordPress Site Unpatched

Following the discovery of the mass attack on unpatched WordPress sites, the security firm Sucuri has recommended that webmasters block certain IP addresses, which are believed to be the culprits in many of the attacks on vulnerable WordPress sites. So far, the IP addresses to block are: 176.9.36.102, 185.116.213.71, 134.213.54.163, 2a00:1a48:7808:104:9b57:dda6:eb3c:61e1.
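As an added example (not from the article or from Sucuri), the Python below checks web server access-log lines for requests from the addresses listed above. It parses addresses instead of comparing strings, so expanded or upper-case IPv6 forms and IPv4-mapped addresses still match; the combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import ipaddress

# Addresses listed in the article above (attributed there to Sucuri).
BLOCKED = {ipaddress.ip_address(a) for a in (
    "176.9.36.102", "185.116.213.71", "134.213.54.163",
    "2a00:1a48:7808:104:9b57:dda6:eb3c:61e1",
)}


def client_ip(line):
    """Return the client address of a combined-log-format line, or None."""
    fields = line.split(None, 1)
    if not fields:
        return None
    try:
        addr = ipaddress.ip_address(fields[0].strip("[]"))
    except ValueError:
        return None  # first field is not an IP address
    # Dual-stack listeners log IPv4 clients as ::ffff:a.b.c.d; unwrap them.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr


def hits_from_blocked(lines):
    """Return (line_number, address, request) for requests from listed IPs."""
    hits = []
    for n, line in enumerate(lines, 1):
        addr = client_ip(line)
        if addr in BLOCKED:
            parts = line.split('"')
            request = parts[1] if len(parts) > 1 else ""
            hits.append((n, str(addr), request))
    return hits


# Constructed sample log lines (not real traffic); paths are placeholders.
SAMPLE_LOG = [
    '176.9.36.102 - - [06/Feb/2017:10:00:01 +0000] "POST /example-path HTTP/1.1" 200 512',
    '203.0.113.7 - - [06/Feb/2017:10:00:02 +0000] "GET / HTTP/1.1" 200 1024',
    '2A00:1A48:7808:0104:9B57:DDA6:EB3C:61E1 - - [06/Feb/2017:10:00:03 +0000] "GET /example-path HTTP/1.1" 200 0',
    '::ffff:134.213.54.163 - - [06/Feb/2017:10:00:04 +0000] "GET /example-path HTTP/1.1" 403 0',
    'malformed line without an address',
]

if __name__ == "__main__":
    for hit in hits_from_blocked(SAMPLE_LOG):
        print(hit)
```

A hit with a 200 response in the log is a prompt to review what that request changed on the site, not only to add the block rule.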

Multiple campaigns are currently seeking out unpatched WordPress sites, such as one carried out by the recently identified hacker group Cyb3r-Shia. Many others may be using other, unidentified IP addresses, which is reason to take action and update your WordPress website now rather than later. Otherwise, compromised WordPress sites may be used to send out mass amounts of spam that may contain aggressive malware.
