WordPress plugins found to contain crytomining exploit

by Vyncent ChanOctober 24, 2019

What's your reaction?

Me Gusta

WOW

Potato

Sad Reacc

Angery

Popular WordPress plugins have been used to disguise crytomining exploits, targeting the servers they run on. Once installed, the cryptominer runs in the background, using up precious server resources and channeling the funds back to the attacker.

The malicious plugins offer users the features of the popular plugins, but include a cryptocurrency miner binary file known as “Multios.Coinminer.Miner-6781728-2“. The WordPress plugin found to have been used for this purpose is UpdraftPlus, specifically the 1.16.16 version.

Apparently just removing the plugin will not stop the crytomining going on the background. Webmasters will have to perform regular server-side security scans and also make sure they have a good grip on access permissions. Sucuri, the company that identified this exploit, also recommends using the Sucuri Security WordPress plugin to improve your security.

Pokdepinion: Nothing is safe.

Posted In

Tags

Cryptocurrency, cryptojacking, cryptomining, plugin, security, Wordpress

About The Author

Vyncent Chan

Technology enthusiast, casual gamer, pharmacy graduate. Strongly opposes proprietary standards and always on the look out for incredible bang-for-buck.

Pokde Recommends

Cryptocurrency cryptojacking cryptomining security News PC Security System

1023