The following was reported in the NJ CyberSecurity & Communications Integration Cell (dated Feb. 1, 2018)
A keylogger has been discovered in at least 2,000 WordPress sites. The threat actors searched for unsecured WordPress sites – often running older versions, themes, or plugins – and exploited known vulnerabilities to inject malicious code into their source code. The malicious code loads a keylogger hosted on a third-party domain and an in-browser cryptocurrency miner to mine Monero using the CPU power of site visitors. This campaign has been ongoing since April 2017, utilizing various third-party domains to host the keylogger.
The NJCCIC recommends all WordPress site administrators review the Sucuri report, check sites for suspicious scripts and unauthorized changes, implement a web application firewall (WAF) to identify and prevent modifications of core WordPress files, and always keep WordPress and any installed plugins up-to-date.
This is an excellent reason for using Green Technology Services for your website:
- we run multiple layers of security on each of our websites
- each website has its own firewall, in addition to a firewall operating on our servers
- daily security scans are run on each website
- we utilize 2 different backup software programs for redundant backups, both of which are stored on a remote server
- our website software is checked for updates several times a week, to ensure the most recent versions are always running
- our support staff is pro-active in keeping websites safe and running smoothly