Our friends at Ars Technica report that thousands upon thousands of WordPress sites are apparently infected with a malware program that not only compromises the site, but attacks visitors to the site and potentially compromises them as well.  The malware is apparently related to an unpatched version of Slider Revolution, a premium WordPress plugin.  Falcon Computer Consulting LLC recommends immediately patching your sites if you use this plugin, running them through security scanners to ensure you haven't been infected, and potentially even deploying some sort of security or firewall solution to protect against future exploits and infections.  

 

Further, Falcon Computer Consulting LLC always recommends that you ensure your systems (desktops/laptops, servers, mobile devices, and any other network or critical devices) and online services/sites be kept up-to-date with patches and security fixes.  Our firm can provide assistance with this WordPress malware as well as general security-related updates and protection for all your systems and critical infrastructure.  Feel free to contact us for additional information and support.

 

 

Some 100,000 or more WordPress sites infected by mysterious malware

   courtesy of Ars Technica

 

Infected sites load attack code into webpages viewed by visitors.

 

About 100,000 or more websites running the WordPress content management system have been compromised by mysterious malware that turns the infected sites into attack platforms that can target visitors, security researchers said.

 

The campaign has prompted Google to flag more than 11,000 domains as malicious, but many more sites have been detected as compromised, according to a blog post published Sunday by Sucuri, a firm that helps website operators secure their servers. Researchers have yet to confirm the cause of the infection, but they suspect it's related to a vulnerability in Slider Revolution, a WordPress plugin, that was disclosed in early September. Update: In a new blog post published after Ars went live with this brief, Sucuri says it has confirmed the so-called "RevSlider" vulnerability is the culprit.

 

Read More...