CyberNews Briefs

WordPress sites under attack as hacker group tries to create rogue admin accounts

Threat actors are adding backdoor admin accounts to compromised WordPress websites as part of an ongoing campaign targeting over 10 vulnerable plugins for the highly popular content management system, a security researcher with Defiant has discovered.

The campaign was first spotted last month. At first, the attackers were injecting WordPress websites running vulnerable plugins with malicious popups and redirects to different websites. However, the attackers upped the ante on August 20, when they began creating rogue admin accounts for compromised websites.

The vulnerable WordPress  plugins being targeted include outdated versions of:

  • Bold Page Builder
  • Blog Designer
  • Live Chat with Facebook Messenger
  • Yuzo Related Posts
  • Visual CSS Style Editor
  • WP Live Chat Support
  • Form Lightbox
  • Hybrid Composer
  • All former NicDark plugins

Read more: WordPress sites under attack as hacker group tries to create rogue admin accounts

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.