
Someone planted a backdoor in many WordPress plugins that are used on thousands of websites


Many plug-ins for the popular WordPress blogging platform are now offline after a backdoor was discovered in them, which was used to push malicious code to any website that relies on the plug-ins. The backdoor was discovered after a new owner purchased these plug-ins.

Anchor Hosting founder Austin Ginder sounded the alarm in a blog post last week describing a supply chain attack on a WordPress plug-in maker called Essential Plugin. Ginder said someone purchased Essential Plugin last year and the backdoor was soon added to the source code of the plug-ins. The backdoor remained dormant until earlier this month, when it was activated and began distributing malicious code to every website where the plugins were installed.

Essential Plugin says on its website that it has more than 400,000 plug-ins and more than 15,000 customers. The WordPress plug-in install site says the affected plug-ins are in more than 20,000 WordPress installations.

Plugins allow the owners of WordPress-based websites to extend the functionality of their site, but in doing so give the plugins access to their installation, which can open up these websites to additional malware and bugs. But Ginder warned that WordPress users are not notified of any change of ownership, which suggests users' sites could be taken over by a new owner.

According to Ginder, this is another takeover of a WordPress plug-in in recent weeks. Security researchers have long warned about the dangers of malicious actors who buy software and modify its code to infect many computers around the world.

While the plug-ins have been removed from the WordPress directory and now list their closure as “permanent,” Ginder warned that WordPress site owners should check whether they still have any of the malicious plugins installed and remove them. Ginder has a list of affected plugins in his blog post.

Representatives for Essential Plugin did not respond to a request for comment.


