Security researchers: Hackers scanned 1.6 million WordPress sites for vulnerable plugin
On Friday, security researchers detected a massive campaign in which hackers scanned 1.6 million WordPress sites for the presence of a vulnerable plugin that allows uploading files without authentication.
The attackers are targeting the Kaswara Modern WPBakery Page Builder, which was abandoned by its author before receiving a patch for a critical-severity flaw tracked as CVE-2021-24284.
The vulnerability would permit an unauthenticated attacker to inject malicious JavaScript into sites using any version of the plugin and to perform actions like uploading and deleting files, leading to a complete takeover of the site.
While the size of the campaign is spectacular, with 1,599,852 unique sites being targeted, only a small portion of them are running the vulnerable plugin.
“Researchers at Defiant, the maker of the Wordfence security solution for WordPress, observed an average of almost half a million attack attempts per day against customer sites they protect,” according to Bleeping Computer.
According to the Wordfence telemetry data, the attacks began on July 4. They are still ongoing today at an average of 443,868 attempts every day.