Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

The source said that the hackers sent malicious patch links to the webmaster under the official name of WordPress.

2024-02-27 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > IT Information >

Share

Shulou(Shulou.com)12/24 Report--

CTOnews.com December 6 news, security company Wordfence recently discovered that hackers posing as WordPress official name, sent phishing emails to webmasters, claiming to detect vulnerabilities in the website, it is possible for hackers to remotely execute code, requiring webmasters to use the CVE-2023-45124 patch link attached to the email to "fix website vulnerabilities."

▲ Source security company Wordfence However, the link attached to the hacker actually points to the phishing website set up by the hacker himself. If the victim does not verify the authenticity of the relevant information, he will directly click on the web link and enter a fake WordPress website "en-gb-wordpress [.] org"。

▲ WordfenceCTOnews.com learned from the official press release that after the victim installs the relevant "phishing patch," the malware contained therein will add a hidden malicious administrator account wpsecuritypatch in the background of the website, package the website URL and password back to the hacker server, and then implant a backdoor program wpgate [.] zip, which allows hackers to maintain control of victim websites.

It is worth noting that security researchers found that hackers added multiple false comments to the message area of phishing websites in order to win the trust of victims, and listed some programmers of security company Automattic as developers.

▲ Source security company Wordfence

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

IT Information

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report