Pi Network - auto mobile mining: Join now and be one of the pioneers!!

Blog

WordPress plugins are typically used to provide webmasters with additional functionality for their websites. However, what they might not know is that some of these plugins may contain a hidden cryptocurrency mining exploit.

Researchers at website security and threat detection company Sucuri have detected several WordPress plugins that contain functions that are used to secretly mine cryptocurrency on affected machines.

Copy, Paste, Repeat

According to Sucuri researchers, these plugins take the guise of several popular WordPress plugins, cloning their features while adding functionality that allows the plugin to change permissions on the underlying server and execute Linux executable binary code using the eval function.

By doing this, the attacker is essentially able to secretly run code on the server, including a cryptocurrency miner binary file known as ‘Multios.Coinminer.Miner-6781728-2.’ Once the Multios crypto miner has been executed on the target system, it will then operate silently in the background, using up server resources to surreptitiously mine cryptocurrencies which are funneled back to the attacker.

wordpress mining

wordpress mining

By copying to code of popular pre-existing plugins and combining it with an already known crypto mining binary, the attacker is able to cover much more ground, producing potentially endless combinations of infected plugins and exploits. Because of this, infected machines could be used for much more than just cryptocurrency mining, such as mail spamming, DDoS and brute-force attacks.

Sucuri also found that this particular malicious plugin is a copy of version 1.16.16 of UpdraftPlus, a WordPress plugin used to simplify backups and restorations. Two commonly detected variants of the malicious plugin are known as ‘initiatorseo’ or ‘updrat123’.

Staying Safe

Unfortunately, simply removing the plugin typically does not resolve the attack, since only the original plugin installation files will be removed, leaving the nefarious binary code untouched. Instead, webmasters will need to ensure they perform regular server-side security scans to detect any unauthorized code and maintain proper control over access permissions.

WordPress users should ensure that they are running a capable web application firewall on their server, or can use Sucuri’s own ‘Sucuri Scanner’ WordPress plugin to help maintain the integrity of their server.

wordpress hack

wordpress hack

This now adds WordPress to the growing list of platforms that have been targeted by malicious parties looking to steal resources for the purposes of mining cryptocurrencies. Just days ago, BeInCrypto also reported that hackers have now turned to exploiting WAV files for deploying cryptojacking code—is there nowhere safe?

What do you think is the best way to deal with the rise in cryptojacking attempts? Let us know your thoughts in the comments below.


Images are courtesy of Shutterstock.

No Comments

Be the first to start a conversation

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Categories

Pi Network - auto mobile mining

Become one of the pioneers!!

Random Posts

DOWNLOAD MY EBOOK FOR FREE

"Your Headline Here How I Made $4947 In 1 Month"

Lorem pretium lorem orci elit nunc imperdiet nec vel sit pretium hendrerit amet nec orci gravida gravida sapien purus massa

Quick Bio About Me

mypicmeLorem proin accumsan accumsan volutpat ut nullam odio eleifend libero quisque ipsum gravida eleifend dolor nunc sagittis venenatis orci eleifend lorem quisque venenatis non sagittis sagittis ipsum nunc.

lacus eleifend pretium eros sed consectetur venenatis praesent sapien consectetur dolor nullam laoreet orci mauris ornare congue lacinia auctor lorem quis quis lacus eleifend pretium eros sed consectetur venenatis praesent sapien consectetur dolor nullam laoreet orci mauris

Resources

  • Resource 1

    Lorem sed praesent quisque auctor libero eros lorem nec praesent accumsan ornare venenatis nullam.

  • Resource 2

    Lorem sed praesent quisque auctor libero eros lorem nec praesent accumsan ornare venenatis nullam.

Random Blog Posts

© 2020 Cryptoracle.info - Crypto News