WordPress Admins Infect Their Sites With WP-VCD Via Pirated Plugins
upstart writes:
Submitted via IRC for soylent_red
WordPress Admins Infect Their Sites With WP-VCD via Pirated Plugins
WordPress sites have been the target of a highly active malicious campaign that infects them with a malware dubbed WP-VCD that hides in plain sight and quickly spreads to the entire website.
The group of hackers behind it have also made sure that their malicious payload is also very hard to get rid of once it manages to compromise a site. To make things worse, the malware is also designed to scan its way through the hosting server and infect any other WordPress sites it finds.
WP-VCD is spread by the most active malicious campaign impacting WordPress sites as of late, with the Wordfence threat intelligence team that took a closer look at it associating "individual WP-VCD malware samples with a higher rate of new infections than any other WordPress malware since August 2019."
The malware is also "installed on more new sites per week than any other malware in recent months" and "the campaign shows no signs of slowing down."
This is quite remarkable given that the malware has been doing rounds for more than two years, with the first publicly reported case of a WP-VCD infection going as far as February 2017, and users reporting infections and asking for advice on how to get rid of them on the WordPress Support forum [1, 2, 3, 4, 5] and in various other places on the Internet. [1, 2, 3]
Read more of this story at SoylentNews.