Article 5ZFPP Researchers find backdoor lurking in WordPress plugin used by schools

Researchers find backdoor lurking in WordPress plugin used by schools

by
Dan Goodin
from Ars Technica - All content on (#5ZFPP)
backdoor-800x450.jpeg

Enlarge (credit: BeeBright / Getty Images / iStockphoto)

Researchers said on Friday that they found a malicious backdoor in a WordPress plugin that gave attackers full control of websites that used the package, which is marketed to schools.

The premium version of School Management, a plugin schools use to operate and manage their websites, has contained the backdoor since at least version 8.9, researchers at website security service Jetpack said in a blog post without ruling out that it had been present in earlier versions. This page from a third-party site shows that version 8.9 was released last August.

Obvious backdoor

Jetpack said it discovered the backdoor after support team members at WordPress.com reported finding heavily obfuscated code on several sites that used School Management Pro. After deobfuscating it, they realized that the code, stashed in the license-checking part of the plugin, was intentionally placed there with the goal of giving outsiders the ability to take control of sites.

Read 8 remaining paragraphs | Comments

index?i=JKb7lcsocog:tEzecKtwn7w:V_sGLiPB index?i=JKb7lcsocog:tEzecKtwn7w:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments