RATE Group | Fake WordPress Plugin Comes with Cryptocurrency Mining Function
65840
post-template-default,single,single-post,postid-65840,single-format-standard,ajax_fade,page_not_loaded,,qode_grid_1300,side_area_uncovered_from_content,footer_responsive_adv,qode-content-sidebar-responsive,qode-child-theme-ver-1.0.0,qode-theme-ver-13.3,qode-theme-bridge,wpb-js-composer js-comp-ver-7.9,vc_responsive
 

Fake WordPress Plugin Comes with Cryptocurrency Mining Function

19 Oct Fake WordPress Plugin Comes with Cryptocurrency Mining Function

Posted at 10:08h in Cryptocurrency News by

[ad_1]

Malicious plugins for WordPress websites are being used not just to maintain access on the compromised server but also to mine for cryptocurrency.

Researchers at website security company Sucuri noticed the number of malicious plugins increase over the past months. The components are clones of legitimate software, altered for nefarious purposes.

Normally, these fake plugins are used to give attackers access to the server even after the infection vector is removed. But they can include code for other purposes, too, such as encrypting content on a blog.

Double hedging

One of the plugins discovered by Sucuri to have a double purpose is a clone of “wpframework.” It was found in September and attackers used it to “gain and maintain unauthorized access to the site environment,” the researchers say.

It is unclear which plugin it impersonates, but one with this name exists in the WordPress public repository but its development seems to have stopped in 2011. Despite this, it still has…

[ad_2]

Source link

Tags:
, , , , ,