Lately, a cyber attack has been spotted, that is automatically redirecting the users to malicious domains. So Who are these users? Well, these users are those people, who are attempting to step into the WordPress websites. But they are not able to land on the targeted site but the scammers choose sites!!
Isn’t it quite intrusive? So what is the basic motive after this redirection of visitors to a whole new malicious site?
They are infected by a backdoor hack that infuses malware on the website, leading to information theft and virus transmission.
The files that had attackers’ web scripts injected onto them were jquery.min.js and jquery-migrate.min.js, and this happened every time the file was loaded, allowing the attacker to redirect website visitors to another webpage of their choosing. A security company warned that the domains in the redirect chain could be used for malicious purposes. The browser is tricked into showing ads that don’t come from the browser but the webpage.
The latest set of these cyberattacks matched the April set, both in the number of websites attacked and starting date. Konov warned of a new trend in cyberattacks in which hackers are exploiting vulnerabilities in plugins and themes to take control of websites.
Attackers are exploiting the Certificate Transparency system to circumvent new WordPress sites before they are properly secure. The effectiveness of the certificate to validate a website’s identity is measured by the standard of encryption technology.
The standard specifies how certificates issued by a CA will act. Though this standard was first implemented by the DigiCert CA in 2013, it is now globally recognized by major players like Facebook, Apple, and Microsoft.
A new way for hackers to infiltrate your site is through the logs of your applications. Hackers can gain access to sensitive data, such as a database name or password. If this happens, they can configure the CMS themselves and alter your site before it is secured by a password. One source claimed that the site was hacked within seconds of requesting the TLS certificate.
Although daily cyber-attacks are now common, they can only get worse if left unchecked. With many vulnerabilities and simple tools available for free online, a small attack can become more extensive. More importantly, open-source CMS such as WordPress has shown an increase in vulnerabilities.
Cyber-attacks have become regular and often headline stories. From hackers using malware to exploit vulnerabilities to just fan printing pages from vulnerable printers around the world, these attacks can cause serious damage. A WordPress security audit is more important than ever because of this increased threat.
The frequency of cyber-attacks has increased, with them being in the headlines nearly every week. These days some crazy fans might print pages from vulnerable printers around the world to vote for their favorite idol. At other times it may be hackers targeting popular CMSes with malware. The increase in cyberattacks demands a WordPress security audit more than ever.
In the end, it’s the responsibility of WordPress site owners to filter through content and protect their sites. Putting WordPress installations on the public internet without encryption is not safe, and should be reported to the hosting provider. Those who install WordPress directly are affected by these attacks, while those on a recommended host or automated installation are not.