Right now, as I type this blog post, WordPress sites are being attacked globally. The threat is highly distributed and aims to inject malicious code using WordPress admin accounts.
Law enforcement agencies have reported large scale attacks on US financial institutions. Analysis of these attacks have pinpointed the majority of systems to be running CMSs(mostly WordPress). WordPress admin accounts are being compromised, then scripts designed to attack other institutions are being uploaded and executed.
This is happening on a global level using spoofed ip addresses. The highly distributed nature of the attacks make prevention of all malicious data difficult.
We recommend the following security procedures.
- Update WordPress and all installed plugins
- Install this security plugin
- Change your admin password. A strong password should contain at least 1 capitol, 1 number and one special character.
