This is an example of why we do not use WordPress for our websites.
A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites.
In total, threat actors compromised 40 themes and 53 plugins belonging to AccessPress, a developer of WordPress add-ons used in over 360,000 active websites.
The attack was discovered by researchers at Jetpack, the creators of a security and optimization tool for WordPress sites, who discovered that a PHP backdoor had been added to the themes and plugins.
Jetpack believes an external threat actor breached the AccessPress website to compromise the software and infect further WordPress sites.
A backdoor to give complete control
As soon as admins installed a compromised AccessPress product on their site, the actors added a new “initial.php” file into the main theme directory and included it in the main “functions.php” file.
This file contained a base64 encoded payload that writes a webshell into the “./wp-includes/vars.php” file.
Encoded payload writing the webshell
Encoded payload writing the webshell
Source: Sucuri
The malicious code completed the backdoor installation by decoding the payload and injecting it into the “vars.php” file, essentially giving the threat actors remote control over the infected site.
The only way to detect this threat is to use a core file integrity monitoring solution, as the malware deletes the “initial.php” file dropper to cover its tracks.
According to Sucuri researchers who investigated the case to figure out the actors’ goal, threat actors used the backdoor to redirect visitors to malware-dropping and scam sites. Therefore, the campaign wasn’t very sophisticated.
It’s also possible that the actor used this malware to sell access to backdoored websites on the dark web, which would be an effective way to monetize such a large-scale infection.
https://www.bleepingcomputer.com/news/s ... in-attack/
Over 90 WordPress themes, plugins backdoored in supply chain attack
All postings must have references and subject matter backing claims or they will be deleted!
-
Destry
- Site Admin
- Posts: 1500
- Joined: Sat Mar 31, 2018 11:38 pm
- County: Fairbanks
- Your State: Alive
- Contact:
Over 90 WordPress themes, plugins backdoored in supply chain attack
Unread post by Destry »
“First, let no one rule your mind or body. Take special care that your thoughts remain unfettered... . Give men your ear, but not your heart. Show respect for those in power, but don't follow them blindly. Judge with logic and reason, but comment not. Consider none your superior whatever their rank or station in life. Treat all fairly, or they will seek revenge. Be careful with your money. Hold fast to your beliefs and others will listen.”
“Wise? No, I simply learned to think.”
“Wise? No, I simply learned to think.”
Jump to
- Forum Rules
- New? Start Here!
- The word of God
- ↳ His Hard Line Scriptures
- National Assembly Blog
- For users who need passwords reset or users that do not receive emails.
- Outbound email blocking
- TEN STEPS TO AN ASSEMBLY BY WILL THEY MA'KIT
- Handbook For The Restoration of The Peaceful Sovereign States of America!
- 2018.05.10 Operation & Functions By-laws NAM Generic v.2
- 1638 Fundamental Orders
- Reba Live Red State Talk Radio explaining the foundation our assemblies stand on!
- Michigan Assembly Introduction Video
- Lapbook for home schooling
- His Hard Line Podcasts on Assembly
- Announcements and Notices
- Assembly Progress Reports
- National Assembly
- ↳ Notices in progress
- ↳ National Assembly Meeting Session Archive
- ↳ Requests for Agenda subjects
- ↳ Notice of voting on motions agenda for the next national assembly business meeting.
- ↳ National Assembly Seated Positions List
- ↳ National Assembly Documents and Resources
- ↳ National Assembly Meeting Motions De Jure Motion List History in Chronological Order
- State Assembly Support
- ↳ State Assembly Documents & Support
- ↳ State Assembly General Discussions
- County Assembly Support
- ↳ County Assembly Documents & Support
- ↳ County Assembly General Discussions
- General and off topic chat
- ↳ His Hard Line EDU Spot
- ↳ His Hard Line Quick Look
- ↳ HHL-Field Training Manual 2000-25 Series
- ↳ Voice of The People News Paper
- ↳ General Off Topic Chat
- ↳ Old Historical Documents
- ↳ Letters from an American farmer
- ↳ The Republic
- ↳ Video Library
- ↳ Legal Documents
- ↳ Resourceful Websites
- ↳ Humor
- ↳ Health and Healing
- ↳ In the Kitchen
- ↳ Alternative Energy and Hidden Tech.
- ↳ General News
- ↳ 5G microwave and the space fence
- ↳ Living Without the System by Clyde Edward Powell 22 DVD disk set
- ↳ Computers and Software
- ↳ Hoaxes and Scams
- The 50 Nation=States
- ↳ Alabama
- ↳ Alabama Introductions
- ↳ Alabama General Chat
- ↳ Alabama Historical Documents
- ↳ Alaska assembled settled
- ↳ Alaska Introductions
- ↳ Alaska General Chat
- ↳ Alaska's Historical Documents
- ↳ Website
- ↳ Arizona
- ↳ Arizona Introductions
- ↳ Arizona General Chat
- ↳ Arizona's Historical Documents
- ↳ Arkansas Assembled
- ↳ Arkansas Introductions
- ↳ Arkansas General Chat
- ↳ Arkansas Historical Documents
- ↳ Website
- ↳ California assembled questionable
- ↳ California Introductions
- ↳ California General Chat
- ↳ California's Historical Documents
- ↳ Colorado
- ↳ Colorado Introductions
- ↳ Colorado General Chat
- ↳ Colorado Historical Documents
- ↳ Connecticut
- ↳ Connecticut Intruductions
- ↳ Conneticut General Chat
- ↳ Connecticut's Historical Documents
- ↳ Delaware
- ↳ Delaware Introductions
- ↳ Delaware General Chat
- ↳ Delaware's Historical Documents
- ↳ Florida assembled
- ↳ Florida Introductions
- ↳ Florida General Chat
- ↳ Florida's Historical Documents
- ↳ Website
- ↳ Georgia Assembled
- ↳ Georgia Introductions
- ↳ Georgia General Chat
- ↳ Georgia's Historical Documents
- ↳ Georgia Website
- ↳ Hawai'i assembled questionable
- ↳ Hawai'i Introductions
- ↳ Hawai'i General Chat
- ↳ Hawaii's Historical Documents
- ↳ Idaho
- ↳ Idaho Introductions
- ↳ Idaho General Chat
- ↳ Idaho's Historical Documents
- ↳ Illinois Assembled
- ↳ Illinois Introductions
- ↳ Illinois General Chat
- ↳ Illinois Historical Documents
- ↳ Indiana
- ↳ Indiana Introductions
- ↳ Indiana General Chat
- ↳ Indiana's Historical Documents
- ↳ Iowa
- ↳ Iowa Introductions
- ↳ Iowa General Chat
- ↳ Iowa's Historical Documents
- ↳ Kansas
- ↳ Kansas Introductions
- ↳ Kansas General Chat
- ↳ Kansas Historical Documents
- ↳ Kentucky assembled
- ↳ Kentucky Introductions
- ↳ Kentucky General Chat
- ↳ Kentucky Historical Documents
- ↳ Louisiana
- ↳ Louisiana Introductions
- ↳ Louisiana General Chat
- ↳ Louisiana Historical Documents
- ↳ Maine
- ↳ Maine Introductions
- ↳ Maine General Chat
- ↳ Maine Historical Documents
- ↳ Maryland
- ↳ Maryland Introductions
- ↳ Maryland General Chat
- ↳ Maryland Historical Documents
- ↳ Massachusetts
- ↳ Massachusetts Introductions
- ↳ Massachusetts General Chat
- ↳ Massachusetts Historical Documents
- ↳ Michigan assembled settled
- ↳ Michigan Introductions
- ↳ Michigan General Chat
- ↳ Michigan Historical Documents
- ↳ Website
- ↳ Minnesota
- ↳ Minnesota Introductions
- ↳ Minnesota General Chat
- ↳ Minnesota Historical Documents
- ↳ Mississippi
- ↳ Mississippi Introductions
- ↳ Mississippi General Chat
- ↳ Mississippi Historical Documents
- ↳ Website
- ↳ Missouri Assembled
- ↳ Missouri Introductions
- ↳ Missouri General Chat
- ↳ Missouri Historical Documents
- ↳ Website
- ↳ Montana assembled questionable
- ↳ Montana Introductions
- ↳ Montana General Chat
- ↳ Montana Historical Documents
- ↳ Nebraska
- ↳ Nebraska Introductions
- ↳ Nebraska General Chat
- ↳ Nebraska Historical Documents
- ↳ Nevada
- ↳ Nevada Introductions
- ↳ Nevada General Chat
- ↳ Nevada Historical Documents
- ↳ New Hampshire
- ↳ New Hampshire Introductions
- ↳ New Hampshire General Chat
- ↳ New Hampshire Historical Documents
- ↳ New Jersey
- ↳ New Jersey Introductions
- ↳ New Jersey General Chat
- ↳ New Jersey Historical Documents
- ↳ New Mexico
- ↳ New Mexico Introductions
- ↳ New Mexico General Chat
- ↳ New Mexico Historical Documents
- ↳ New York assembled
- ↳ New York Introductions
- ↳ New York General Chat
- ↳ New York Historical Documents
- ↳ Website
- ↳ North Carolina assembled
- ↳ North Carolina Introductions
- ↳ North Carolina General Chat
- ↳ North Carolina Historical Documents
- ↳ North Dakota assembled Questionable
- ↳ North Dakota Introductions
- ↳ North Dakota General Chat
- ↳ North Dakota Historical Documents
- ↳ Ohio
- ↳ Ohio Introductions
- ↳ Ohio General Chat
- ↳ Ohio Historical Documents
- ↳ Oklahoma
- ↳ Oklahoma Introductions
- ↳ Oklahoma General Chat
- ↳ Oklahoma Historical Documents
- ↳ Oregon Assembled
- ↳ Oregon Introductions
- ↳ Oregon General Chat
- ↳ Oregon Historical Documents
- ↳ Website
- ↳ Pennsylvania
- ↳ Pennsylvania Introductions
- ↳ Pennsylvania General Chat
- ↳ Pennsylvania Historical Documents
- ↳ Rhode Island
- ↳ Rhode Island Introductions
- ↳ Rhode Island General Chat
- ↳ Rhode Island Historical Documents
- ↳ South Carolina
- ↳ South Carolina Introductions
- ↳ South Carolina General Chat
- ↳ South Carolina Historical Documents
- ↳ South Dakota
- ↳ South Dakota Introductions
- ↳ South Dakota General Chat
- ↳ South Dakota Historical Documents
- ↳ Tennessee Assembled
- ↳ Tennessee Introductions
- ↳ Tennessee General Chat
- ↳ Tennessee Historical Documents
- ↳ Texas
- ↳ Texas Introductions
- ↳ Texas General Chat
- ↳ Texas Historical Documents
- ↳ Utah
- ↳ Utah Introductions
- ↳ Utah General Chat
- ↳ Utah Historical Documents
- ↳ Vermont
- ↳ Vermont Introductions
- ↳ Vermont General Chat
- ↳ Vermont Historical Documents
- ↳ Virginia
- ↳ Virginia Introductions
- ↳ Virginia General Chat
- ↳ Virginia Historical Documents
- ↳ Washington
- ↳ Washington Introductions
- ↳ Washington General Chat
- ↳ Washington Historical Documents
- ↳ West Virginia
- ↳ West Virginia Introductions
- ↳ West Virginia General Chat
- ↳ West Virginia Historical Documents
- ↳ Wisconsin - Assembled
- ↳ Wisconsin Introductions
- ↳ Wisconsin General Chat
- ↳ Wisconsin Historical Documents
- ↳ Website
- ↳ Wyoming
- ↳ Wyoming Introductions
- ↳ Wyoming General Chat
- ↳ Wyoming Historical Documents
- International Community
- ↳ Australia
- ↳ Australia General Chat
- ↳ Australia History
- ↳ Canada
- ↳ Canada Introductions
- ↳ Canada General Chat
- ↳ Canada Historical Documents
- ↳ Germany
- ↳ Germany Introductions
- ↳ Germany General Chat
- ↳ Website
- ↳ Ireland
- ↳ Ireland Introductions
- ↳ Ireland General Chat
- ↳ Slovakia
- Suggestion Box