15 December 2021

1.6 Million WordPress Sites Under Attack

Are we surprised? Because people working in security are not busy enough dealing with Log4J. 1.6 Million WordPress Sites Hit With 13.7 Million Attacks In 36 Hours From 16,000 IPs.

Today, on December 9, 2021, our Threat Intelligence team noticed a drastic uptick in attacks targeting vulnerabilities that make it possible for attackers to update arbitrary options on vulnerable sites. This led us into an investigation which uncovered an active attack targeting over a million WordPress sites. Over the past 36 hours, the Wordfence network has blocked over 13.7 million attacks targeting four different plugins and several Epsilon Framework themes across over 1.6 million sites and originating from over 16,000 different IP addresses.

16,000 IPs mean a botnet is behind the attack.

The 4 plugins are:

  • Kiwi Social Share
  • WordPress Automatic
  • Pinterest Automatic
  • PublishPress Capabilities

Most people in the sidebar use WordPress.com, and whatever their other faults, they do a fair job of keeping stuff current. If you are using a different provider or rolling your own, make sure you are up to date. And given the structure of WP, good luck figuring out if you've been compromised.
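As an added defender's check (example code, not part of the original post or anything from Wordfence): Wordfence's write-up of this campaign reported attackers using the arbitrary-option-update bugs to switch users_can_register on and set default_role to administrator, so those two wp_options rows are a cheap first thing to audit. The sample rows are constructed, and the "safe" values assume a site that does not allow open registration.

```python
"""Audit a WordPress wp_options export for the option-update indicators
reported in this campaign: open registration enabled and the default role
for new users raised to administrator.  Feed real data from e.g.
`wp option list --format=csv` (wp-cli) or a SELECT on the wp_options table."""
import csv
import io

# Assumption: a typical site that does not allow self-registration.
SAFE_VALUES = {
    "users_can_register": "0",
    "default_role": "subscriber",
}
ADMIN_ROLES = {"administrator"}

# Constructed sample export resembling a site where the options were tampered with.
SAMPLE_CSV = """option_name,option_value
siteurl,https://example.test
users_can_register,1
default_role,administrator
blogname,Example Blog
"""


def parse_options(text):
    """Parse wp-cli CSV output (option_name,option_value columns) into a dict."""
    return {row["option_name"]: row["option_value"]
            for row in csv.DictReader(io.StringIO(text))}


def audit_options(options):
    """Return a list of findings; an empty list means neither indicator matched."""
    findings = []
    reg = options.get("users_can_register", "0")
    if reg != SAFE_VALUES["users_can_register"]:
        findings.append(f"users_can_register is {reg!r}: open registration is enabled")
    role = options.get("default_role", "subscriber")
    if role in ADMIN_ROLES:
        findings.append(f"default_role is {role!r}: new registrants become administrators")
    elif role != SAFE_VALUES["default_role"]:
        findings.append(f"default_role is {role!r}: unexpected, verify it is intended")
    return findings


if __name__ == "__main__":
    for finding in audit_options(parse_options(SAMPLE_CSV)):
        print("FINDING:", finding)
```

A hit on either row means reviewing the users table for administrators you did not create, since that is what the role change is for.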
