Massive WordPress Hack: 5,000+ Sites Hit by Stealthy Admin-Creating Malware

WordPress Security Breach: Over 5,000 Sites Compromised in Major Malware Campaign

A sophisticated malware campaign has infiltrated more than 5,000 WordPress websites, creating unauthorized administrator accounts and stealing sensitive data. The campaign, discovered by the web-script security firm c/side, operates through the wp3[.]xyz domain to carry out its malicious activities.

Attack Methodology:
– Creates an unauthorized admin account named “wpx_admin”
– Installs and activates a malicious plugin (plugin.php)
– Collects sensitive data, including admin credentials
– Transmits the stolen information disguised as image requests

The malware employs verification processes to confirm successful compromise, including:
– Operation status logging
– Plugin installation verification
– Data exfiltration confirmation

Recommended Security Measures:
1. Block wp3[.]xyz domain using firewalls
2. Audit privileged accounts and installed plugins
3. Remove unauthorized components
4. Strengthen CSRF protections with:
   – Unique token generation
   – Server-side validation
   – Short token expiration periods
5. Implement multi-factor authentication

While the initial infection vector remains unknown, website administrators are urged to implement these security measures immediately to protect their WordPress installations from this ongoing threat.
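The audit steps above (check privileged accounts, inspect installed plugins, look for the attacker domain) can be scripted against the three indicators the report names. The following is an added example, not code from c/side or the article: it walks a WordPress document root, flags any plugin file literally named plugin.php, greps PHP/JS/HTML files for wp3.xyz, and compares the administrator logins you pass in (for instance from `wp user list --role=administrator --field=user_login`) against the rogue account name. `build_sample_site` creates a constructed toy tree so the scanner can be exercised offline; the script path inside the injected tag is a placeholder, only the domain comes from the report.

```python
import os
import re
import tempfile

# Indicators taken from the report: the attacker domain, the rogue admin
# login and the name of the dropped plugin file.
IOC_DOMAIN_RE = re.compile(r"wp3\.xyz", re.IGNORECASE)
IOC_ADMIN_USER = "wpx_admin"
IOC_PLUGIN_FILE = "plugin.php"
SCAN_EXT = (".php", ".js", ".html", ".htm")


def audit_wp_install(root, admin_logins):
    """Return sorted (category, detail) findings for a WordPress root.
    admin_logins: administrator user_login values, e.g. from
    `wp user list --role=administrator --field=user_login`."""
    findings = []
    if IOC_ADMIN_USER in set(admin_logins):
        findings.append(("rogue_admin_account", IOC_ADMIN_USER))
    plugins_dir = os.path.join(root, "wp-content", "plugins")
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            # The campaign drops a plugin file literally named plugin.php.
            if name == IOC_PLUGIN_FILE and path.startswith(plugins_dir):
                findings.append(("suspicious_plugin_file", rel))
            if name.endswith(SCAN_EXT):
                with open(path, encoding="utf-8", errors="ignore") as fh:
                    if IOC_DOMAIN_RE.search(fh.read()):
                        findings.append(("ioc_domain_reference", rel))
    return sorted(findings)


def build_sample_site():
    """Construct a toy WordPress tree (sample data, not a real infection):
    one theme file with an injected script tag and one dropped plugin."""
    base = tempfile.mkdtemp(prefix="wp-audit-")
    theme = os.path.join(base, "wp-content", "themes", "demo-theme")
    plugin = os.path.join(base, "wp-content", "plugins", "demo-plugin")
    os.makedirs(theme)
    os.makedirs(plugin)
    with open(os.path.join(theme, "footer.php"), "w") as fh:
        # Script path is a placeholder; only the domain comes from the report.
        fh.write('<script src="https://wp3.xyz/PLACEHOLDER.js"></script>\n')
    with open(os.path.join(plugin, IOC_PLUGIN_FILE), "w") as fh:
        fh.write("<?php /* dropped plugin stub (constructed) */\n")
    return base
```

Running `audit_wp_install(build_sample_site(), ["admin", "wpx_admin"])` returns one finding per indicator; point it at a real document root and the site's actual administrator list to use it as a triage check.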