January 31, 2023

Attackers began to embed hidden miners in WordPress plugins

Recently, cybercriminals often use fake plugins for content management systems. WordPress site for the purpose of hidden cryptocurrency mining. It is reported by AMB Crypto.

In a report specializing in cybersecuritySucuri says hackers are cloning plugins for WordPress to create a backdoor on the victim’s website and then cryptocurrency mining. One of these fake plugins is wpframework, which was discontinued in 2011. However, at least 400 installations of this module have been identified in the past few months.

According to the researchers, the scheme withmodified plugins for WordPress attracts attackers with its simplicity, because you do not need to create new software, but just add a few lines of code. In addition, hackers have already created tools that easily clone original WordPress plugins and embed malicious files into them.

Earlier today, ForkLog reported that hackers began embedding hidden miners in WAV audio files.