Security Updates

New Linux Malware Uses 30 Plugin Exploits to Backdoor WordPress Sites

December 30, 2022

Overview

Bleeping Computer and other sources reported that a previously unidentified Linux malware has been exploiting vulnerabilities in numerous outdated WordPress plugins and themes through the insertion of malicious JavaScript. This malware targets 32-bit and 64-bit Linux systems and grants the operator remote command abilities, according to a report by antivirus vendor Dr. Web. The trojan uses a set of hardcoded exploits that run continuously until one of them is successful. To defend against this threat, WordPress website admins should update to the latest available versions of the plugins and themes active on their site and replace those that are no longer developed/supported with reputable alternatives

Sources

https://linuxsecurity.com/news/hackscracks/new-linux-malware-uses-30-plugin-exploits-to-backdoor-wordpress-sites#:~:text=A%20previously%20unknown%20Linux%20malware,its%20operator%20remote%20command%20capabilities

https://www.bleepingcomputer.com/news/security/new-linux-malware-uses-30-plugin-exploits-to-backdoor-wordpress-sites/

Request a Consultation

"*" indicates required fields

Share with Your Network

Request a Consultation

"*" indicates required fields

Join Our Newsletter

M.A. Polce Locations

ROME • (315) 338-0388

401 Phoenix Drive
Rome, NY 13441

SOC 2® – SOC for Service Organizations: Trust Services Criteria

Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy

New Linux Malware Uses 30 Plugin Exploits to Backdoor WordPress Sites

Overview

Sources

Request a Consultation

Share with Your Network

Request a Consultation

M.A. Polce Locations

SOC 2® – SOC for Service Organizations: Trust Services Criteria

Quick Links

Upcoming Webinar:

The Many Sides of Cybersecurity

Download the "How Strong is Your Cybersecurity Culture?" Checklist!