According to Techradarcybersecurity researchers recently warned for the past year, hackers have secretly dispersed malicious code, causing hundreds of thousands of WordPress websites to fall into danger.
More than 390,000 WordPress websites were attacked by hackers throughout 2024
Photo: LinkedIn screenshot
Many WordPress websites are attacked
Specifically, the malicious code is hidden by hackers and ‘hidden’ in a XML-RPC package on NPM and Github storage. This malicious code is designed to steal WordPress login information, SSH lock, bash history and other sensitive data from the victim’s computer.
It is estimated that there are about 390,000 WordPress accounts affected by this campaign. Hackers also took advantage of poisoned computers to dig Monero (XMR) – an anonymous cryptocurrency that was favored by cyber criminals.
The worry is that the original malicious code is disguised as a legal open source package. This tactic deceived many security researchers and cybersecurity experts, accidentally turned them into a ‘prey’ and helped Ma Ma more spread.
Datadog Security Labs, the unit discovered this attacking campaign, named the hacker group behind MUT-1224 (Mysterious Unattributed Threat). The identity of this group has not been determined.
This incident once again raised a warning bell about network security, especially when using open source software. Developers need to be very careful when choosing and integrating open source packages into their products.
hacker,WordPress,Researcher,warning,website,campaign,attack
