Self-proclaimed ISIS affiliates hack WordPress plugins

April 10, 2015 Arctic Wolf Networks

A group of hackers claiming to be affiliated with ISIS have been targeting WordPress plugins to gain access to user's websites. Hackers have been taking advantage of plugins that leave unchecked gaps in the content management system through a handful of the 37,000 third party-created plugins. As a result, they have been able to gain entry into government and commercial websites, as well as those of religious groups and news organizations. 

FBI officials stated that the low-sophistication level of this cyberattack as supporting evidence that ISIS isn't truly involved most likely. But that doesn't take away from the fact that it is an issue that could lead to frustrations for victims given the revenue loss that could come as a result of website blackouts or paying for system repairs to remove any malware.

Two plugins have specifically been named as high-risk for the recent hacks, RevSlider and GravityForms. But specialist stated that this can easily be resolved by updating the plugins to their most recent versions, where no cybersecurity gaps have been found yet. 

Cybersecurity news and analysis brought to you by ArcticWolf, inventors of firebreak detection and response security services. FireBreak, when your firewall fails.

Previous Article
US gets closer to source of White House hack

The U.S. government now thinks they have found the methods used by Russian hackers to gain access to White ...

Next Article
FAA hit by cyberattack earlier this year

The Federal Aviation Administration recently revealed that they found malicious software in their computer ...


Want cybersecurity updates delivered to your inbox?

First Name
Last Name
Thanks for subscribing!
Error - something went wrong!