- Curvy Wife Guy drops music video for rap song ‘Chubby Sexy’ Friday 7:33 PM
- A ‘Black Mirror’ spinoff mini-series is coming to YouTube via Netflix Latin America Friday 5:56 PM
- Kanye West appears on David Letterman’s Netflix show to talk Trump, TMZ, and Drake Friday 3:27 PM
- QAnon believers link small-town arrest to deep state conspiracy without evidence Friday 1:58 PM
- Instagram photos showing prison conditions spark massive protest Friday 1:33 PM
- ‘Gay rat wedding’ headline sparks amazing new meme Friday 1:03 PM
- ‘I read a gossip piece’ meme mocks Moby’s Instagram post Friday 12:39 PM
- Rotten Tomatoes wants to see your ticket stub to leave a verified review Friday 11:46 AM
- ‘Sonic the Hedgehog’ movie delayed to 2020 to fix his look Friday 11:39 AM
- ‘Swamp Thing’ gets off to a promising start, but can it tell a convincing love story? Friday 11:34 AM
- ‘Falling on deaf ears’: ‘Queer Eye’ star sparks conversation about ableist idioms Friday 11:15 AM
- Parents are spending thousands on YouTube camps that teach kids how to be famous Friday 10:43 AM
- In season 2 of ‘She’s Gotta Have It,’ Spike Lee remains unapologetically himself Friday 10:36 AM
- Trump selling Pride shirts is a grotesque insult to the LGBTQ community Friday 10:27 AM
- Logan Paul is being mocked for pulling out of slapping competition Friday 9:57 AM
Hackers are infecting WordPress websites to mine cryptocurrencies
Here’s how you can protect yourself.
Hackers have targeted more than 2,000 WordPress websites to steal login credentials and tax visitors’ computers to mine cryptocurrency, researchers at security firm Sucuri discovered recently. WordPress is the one of the most popular content management systems (CMS), powering more than 25 percent of the websites on the internet, which means more websites might be at risk.
What we know about the attacks
Using this method, the attackers have managed to infect the pages of targeted websites with a keylogger, a malware the records keystrokes and sends them to the attacker’s server. This enables the hackers to steal all data entered in the website’s forms, including the login credentials of the administrator and other users.
The hackers have separately infected the WordPress frontend with CoinHive, an in-browser cryptojacker that targets the website’s visitors. CoinHive secretly uses the CPU of visitors to mine cryptocurrency for the attackers. If your website is infected, visitors will feel a sudden slowing down of their computers and smartphones. Cryptocurrency miners also drain smartphone batteries.
Sucuri did not say how the attackers managed to infect the websites. But such attacks usually occur on websites running older versions of WordPress (the current version is 4.9.2) or containing insecure plugins. WordPress has a very popular market for plugins and extensions. The official WordPress website hosts more than 50,000 plugins, and thousands of others can be acquired from other sources. These plugins are often poorly secured, containing exploitable vulnerabilities.
In December 2017, Sucuri found a similar attack that affected more than 5,500 websites. The domain hosting that attack (cloudflare[.]solutions) has long since been disabled. However, as researchers from Sucuri point out, the reinfection rate shows that there are still many sites that have failed to properly protect themselves after the original infection. “It’s possible that some of these websites didn’t even notice the original infection,” the blog post reads. Future attacks might infect more websites.
How to protect yourself
The first step to prevent your WordPress blog from being infected is to make sure you’re running the latest version of the engine and plugins. WordPress.com-hosted websites are automatically updated. If you’re using another hosting service, WordPress will warn you if a new version is available when you log in to your dashboard.
Updates will protect you from future attacks. To make sure your WordPress installation hasn’t already been infected, you must scan core files and database tables for recent and suspicious modifications and return them to their original version. The process isn’t trivial, but Sucuri has a page that guides you through the steps to find and remove infections.
If you don’t run a WordPress website but are worried about browsing to an infected website that will drain your CPU and battery to fill the pockets of anonymous hackers, you can install NoCoin, a browser extension that prevents cryptocurrency miners from running on your machine.
Ben Dickson is a software engineer and founder of TechTalks. His work has been published by TechCrunch, VentureBeat, the Next Web, PC Magazine, Huffington Post, and Motherboard, among others.