Over 5,000 WordPress Sites Infected With Keylogger

R

rgMekanic

[H]ard|News
Joined
May 13, 2013
Messages
6,943
In a blog post by Securi, it has been found that 5,482 WordPress websites infected with a keylogger. The malware, hiding as "cloudflare.solutions" was a part of a larger infection that injected a fake jQuery and Google Analytics script that was in reality a CoinHive cryptocurrency miner.

If anyone has a WordPress site, you should head over to Securi's blog to see how to find and remove the malware. And I'll be the one to say it, this is just another way that mining is screwing people over.

Given the keylogger functionality of this malware, you should consider all WordPress passwords compromised so the next mandatory step of the cleanup is changing the passwords (actually it is highly recommended after any site hack). Don’t forget to check your site for other infections too. Many sites with the cloudflare.solutions malware also have injected coinhive cryptocurrency miner scripts.
 
Mining screws people over? Isn't it people screwing people? You know, like people killing people, not guns killing people? ^^
 
Update Dec. 8 2017: The cloudflare[.]solutions domain has now been taken down.

Also: article was released on DECEMBER 6, 2017.
 
If you want an alternative to WordPress to build sites with, check out Concrete5. It's actually really awesome!
 
What? Have you actually looked at how the security in C5 works, and talked to the devs? Because I have. C5 devs take security very seriously, and have for a long time.

Any chance you want to actually research before you start throwing FUD next time? That'd be great

Yeah-THATD-BE-1rlu82.jpg


Trepidati0n said:
Until they aren't and compromised.
Click to expand...
 
That is not his point. The scumbags appear to be winning the security war. Which puts C5 right along with everyone else, and that it is just a matter of time.
 
BloodyIron said:
What? Have you actually looked at how the security in C5 works, and talked to the devs? Because I have. C5 devs take security very seriously, and have for a long time.

Any chance you want to actually research before you start throwing FUD next time? That'd be great
Click to expand...

What? I don't give a shit how seriously they take security. It isn't FUD...it is fact. With any security service/system there those that have been hacked and those that will be hacked. This is just a classic of posting of not letting a crisis go to waste to personal benefit IMO.
 
Concrete5 is on-premise dude. It's not a cloud/hosted service, you can run it yourself.

I have no idea what the fuck you're actually upset about, because it sounds like you have no real perspective on what the hell I'm talking about.

You think I have a vested interest in this? You're literally pulling this out of your ass dude. Prove to me I make any money from recommending an OPEN SOURCE tool to someone else.

Trepidati0n said:
What? I don't give a shit how seriously they take security. It isn't FUD...it is fact. With any security service/system there those that have been hacked and those that will be hacked. This is just a classic of posting of not letting a crisis go to waste to personal benefit IMO.
Click to expand...
 
BloodyIron said:
If you want an alternative to WordPress to build sites with, check out Concrete5. It's actually really awesome!
Click to expand...

You can't compare anything like that to Wordpress, in scale, security, extensions - plugins, design possiblities... damn look at their add-ons not only they are severely limited but many links are not even working.

I am into Web Design and right now Wordpress is pretty much what we use for most companies / organizations and even small e-shops. And comparing Concrete5 to Wordpress + Certain Frameworks + Plugins is like comparing Windows 10 vs Android in scale.


Of course you are going to read stories about security breaches in Wordpress. It is the MOST freaking popular CMS out there so you hear more often about it.
 
Really? I don't know anymore. But how can I find the malware from my blog? Who can help me?

-- a fan from mageewp
 
Last edited:
You must log in or register to reply here.
Back
Top