WordPress and Joomla websites are being compromised to deliver ransomware and other malware
Websites built on WordPress and Joomla, two of the most popular content management systems used in publishing, are being used by hackers to deliver ransomware and other malware to visitors.
The hackers are exploiting vulnerabilities in themes, plug-ins and extensions on WordPress and Joomla and using them to deliver ransomware, phishing pages, backdoors, and redirectors.
Researchers have recently seen a spike in the number of domains that have been compromised in order to deliver these attacks to innocent users.
These attacks rely on a hidden directory on HTTPS sites. This well-known directory is commonly used by website owners to demonstrate ownership of the domain to the certificate authority, which scans it for code to verify that the domain is valid.
Cybercriminals, however, are using exploits to gain access to these hidden pages, where they can then hide malware and other malicious content from website administrators.
The most common threat deployed in this way has been Shade ransomware, also known as Troldesh ransomware.
More than 500 websites have been compromised, and thousands of attempts have been made to infect users coming across those sites with ransomware, phishing links, and other malicious content.
Phishing pages for these sites are hosted under SSL-validated hidden directories and pop up in order to fool the potential victim into entering their username and password.
Compromised WordPress sites are on versions 4.8.9 to 5.1.1 and tend to be using outdated CMS themes or server-side software.
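One way a site administrator can check their own server for files planted in the hidden validation directory, as an added example that is not from the original article or the researchers. The subdirectory names `acme-challenge` and `pki-validation`, the size limit and the token-name pattern are assumptions about what a legitimate validation file looks like, and the sample tree is constructed.

```python
import re
import tempfile
from pathlib import Path

# Assumed policy (not from the article): CA validation files are small text tokens.
TOKEN_NAME = re.compile(r"^[A-Za-z0-9_-]+(\.txt)?$")
VALIDATION_DIRS = {"acme-challenge", "pki-validation"}
MAX_BYTES = 2048

def audit_well_known(webroot):
    """Return sorted (relative_path, reason) pairs for files under
    <webroot>/.well-known/ that do not look like validation tokens."""
    base = Path(webroot) / ".well-known"
    findings = []
    for path in filter(Path.is_file, base.rglob("*")):
        parts = path.relative_to(base).parts  # e.g. ("acme-challenge", "<token>")
        if len(parts) < 2 or parts[0] not in VALIDATION_DIRS:
            reason = "outside the validation directories, review by hand"
        elif len(parts) > 2:
            reason = "nested below a validation directory"
        elif not TOKEN_NAME.match(path.name):
            reason = "name is not a validation token"
        elif path.stat().st_size > MAX_BYTES:
            reason = "too large for a validation token"
        elif re.search(rb"[<\x00]", path.read_bytes()):
            reason = "contains markup or binary data"
        else:
            continue  # looks like an ordinary validation file
        findings.append((path.relative_to(webroot).as_posix(), reason))
    return sorted(findings)

def build_sample_webroot(root):
    """Write a constructed tree: one plausible token and three planted files."""
    samples = {
        "acme-challenge/Zm9vYmFyLXRva2Vu": b"Zm9vYmFyLXRva2Vu.c2FtcGxlLXRodW1i",
        "acme-challenge/login.php": b"<?php /* constructed */ ?>",
        "pki-validation/error/index.html": b"<html>constructed</html>",
        "pki-validation/abc123.txt": b"<script>constructed</script>",
    }
    for rel, data in samples.items():
        path = Path(root, ".well-known", rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_webroot(root)
        for rel, reason in audit_well_known(root):
            print(f"{rel}: {reason}")
```

Point `audit_well_known` at each site's document root from a scheduled job; any finding inside a validation directory is worth comparing against the timestamps of your last certificate issuance or renewal.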
To read more about the technical analysis of the attacks, please see the link below.
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648
RHYNO Networks was designed to meet the needs of the IT marketplace. Specifically, to offer businesses skilled, timely IT services in order for them to focus on their business. We’re dedicated to the principles of Reliability, Innovation and Customer Service.