1.6 Million WordPress Websites Below Cyberattack From Over 16,000 IP Addresses
1 min read

1.6 Million WordPress Websites Below Cyberattack From Over 16,000 IP Addresses

1.6 Million WordPress Websites Below Cyberattack From Over 16,000 IP Addresses


As many as 1.6 million WordPress websites have been focused by an lively large-scale assault marketing campaign originating from 16,000 IP addresses by exploiting weaknesses in 4 plugins and 15 Epsilon Framework themes.

WordPress safety firm Wordfence, which disclosed particulars of the assaults, stated Thursday it had detected and blocked greater than 13.7 million assaults aimed on the plugins and themes in a interval of 36 hours with the purpose of taking up the web sites and finishing up malicious actions.

Automatic GitHub Backups

The plugins in query are Kiwi Social Share (<= 2.0.10), WordPress Computerized (<= 3.53.2), Pinterest Computerized (<= 4.14.3), and PublishPress Capabilities (<= 2.3), a few of which have been patched courting all the best way again to November 2018. The impacted Epsilon Framework themes and their corresponding variations are as follows —

  • Activello (<=1.4.1)
  • Prosperous (<1.1.0)
  • Allegiant (<=1.2.5)
  • Antreas (<=1.0.6)
  • Bonkers (<=1.0.5)
  • Brilliance (<=1.2.9)
  • Illdy (<=2.1.6)
  • MedZone Lite (<=1.2.5)
  • NatureMag Lite (no recognized patch out there)
  • NewsMag (<=2.4.1)
  • Newspaper X (<=1.3.1)
  • Pixova Lite (<=2.0.6)
  • Regina Lite (<=2.0.5)
  • Shapely (<=1.2.8)
  • Transcend (<=1.1.9)

A lot of the assaults noticed by Wordfence contain the adversary updating the “users_can_register” (i.e., anybody can register) choice to enabled and setting the “default_role” setting (i.e., the default position of customers who register on the weblog) to administrator, thereby permitting an adversary to register on the weak websites as a privileged person and seize management.

What’s extra, the intrusions are stated to have spiked solely after December 8, indicating that “the not too long ago patched vulnerability in PublishPress Capabilities might have sparked attackers to focus on numerous Arbitrary Choices Replace vulnerabilities as a part of a large marketing campaign,” Wordfence’s Chloe Chamberland stated.

In mild of lively exploitation, WordPress web site homeowners operating any of the aforementioned plugins or themes are really useful to use the most recent fixes to mitigate the menace.



Leave a Reply

Your email address will not be published. Required fields are marked *