WordPress is a secure platform but its website get hacked when you use vulnerable plugins. Hackers are reportedly taking advantage of weaknesses in over ten WordPress Plugins in order to backdoor websites with rouge admin accounts.
This is a very fast growing attack that was reported on back in July in which hackers were hacking the websites to serve ads, scams, and malicious app downloads.
According to ZDNet report the malicious code updated by the hacker group on hacked sites.
The malicious code was modified to detect when admin of site logged in to their own site. Upon logging in, the code use the admin privileges to create a new admin account named “wpservices”, which is linked to the email address firstname.lastname@example.org.
With that rouge account, the hacker can do anything they want with a site.
Here are the list of vulnerable plugins which are commonly used for hackers attack.
The hacker groups are targeting mostly the older vulnerabilities, which means by updating your plugins to the latest version, you have less chance to become the victim of recent attacks.
As cleaning the already attacked website is a challenging tasks, we strongly recommend non-professionals to take help from the professionals.
Site owners can avoid these kind of attacks by updating their software to the latest version.
We at CodeLedge, provide services of recovering the hacked WordPress websites. If your website is hacked, we can help you recovering your website with zero data loss.
As we are the professional WordPress developers and have experience to deal with these kind of attacks. We also increase the security of your WordPress website by using and modifying different security plugins.
So, that you website cannot be hacked easily. We improve WordPress security and let you grow in your business.
If you are having any issues related to WordPress security or your website is hacked, talk to us. We are ready to help. Ask for help here. We will be right back to you.