WordPress Malware Spreads via Nulled WordPress Themes[src: bleepingcomputer]
A WordPress malware campaign that recently picked up steam last month is now using nulled (pirated) premium themes to infect new victims.
According to Sucuri security researcher Denis Sinegubko, the wp-vcd malware is now preinstalled inside pirated WordPress premium themes offered for download for free on some sites known for providing nulled scripts, themes, and plugins for various CMS platforms.
This particular malware — wp-vcd — works by adding a secret admin user to the site’s backend, with the username “100010010.” Attackers use this backdoor account to open connections to infected websites so attackers can carry out scripted attacks at later dates.
wp-vcd used to inject spam on infected sites
Sinegubko says that since Sucuri saw a resurgence of the wp-vcd malware in late November, attackers have used wp-vcd backdoor accounts to insert spam on infected sites.
Some of these spam messages also led users back to the websites offering the nulled themes, helping wp-vcd authors propagate their malware and expand their network of hacked sites
For more, click here.
WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes
25 Oct 2022 - News, News Clipping
30 Jun 2021 - CIRT In Media, News Clipping