The following was reported in the NJ CyberSecurity & Communications Integration Cell (dated Feb. 1, 2018)

A keylogger has been discovered in at least 2,000 WordPress sites. The threat actors searched for unsecured WordPress sites – often running older versions, themes, or plugins – and exploited known vulnerabilities to inject malicious code into their source code. The malicious code loads a keylogger hosted on a third-party domain and an in-browser cryptocurrency miner to mine Monero using the CPU power of site visitors. This campaign has been ongoing since April 2017, utilizing various third-party domains to host the keylogger.

The NJCCIC recommends all WordPress site administrators review the Sucuri report, check sites for suspicious scripts and unauthorized changes, implement a web application firewall (WAF) to identify and prevent modifications of core WordPress files, and always keep WordPress and any installed plugins up-to-date.

This is an excellent reason for using Green Technology Services for your website:

  • we run multiple layers of security on each of our websites
  • each website has its own firewall, in addition to a firewall operating on our servers
  • daily security scans are run on each website
  • we utilize 2 different backup software programs for redundant backups, both of which are stored on a remote server
  • our website software is checked for updates several times a week, to ensure the most recent versions are always running
  • our support staff is pro-active in keeping websites safe and running smoothly