Stories
Slash Boxes
Comments

SoylentNews is people

Researchers Find Fake WordPress Plugins That Secretly Mine Cryptocurrency

posted by janrinok on Sunday October 20 2019, @11:07AM   Printer-friendly
from the never-good-news-from-Wordpress dept.
Security

upstart writes:

Submitted via IRC for SoyCow1984

Researchers find fake WordPress plugins that secretly mine cryptocurrency

Researchers have discovered several malicious WordPress plugins that are being used to surreptitiously mine cryptocurrency by running Linux binary code.

According to the researchers at website security company Sucuri, the plugins are also being used to maintain access to compromised servers. It seems their use has increased in recent months.

Essentially, the components are clones of the legitimate software, which have been altered for illicit purposes, making them relatively easy for hackers to create. Although the plugins' code differs in terms of names, they do have several things in common: they have a similar structure and header comments from the popular backup/restore plugin UpdraftPlus.

Original Submission

This discussion has been archived. No new comments can be posted.
Researchers Find Fake WordPress Plugins That Secretly Mine Cryptocurrency | Log In/Create an Account | Top | 2 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)

  • (Score: 2) by NateMich on Sunday October 20 2019, @11:47AM (1 child)

    by NateMich (6662) on Sunday October 20 2019, @11:47AM (#909529)

    Malicious or hacked wordpress plugins has only been a problem for several years now.
    Same with crypto mining on hacked site.

(1)