Experts discover new Linux malware: injecting malicious scripts using a number of outdated WordPress plug-ins and theme vulnerabilities 01/28 Update SLTechnology News&Howtos

Experts discover new Linux malware: injecting malicious scripts using a number of outdated WordPress plug-ins and theme vulnerabilities

2025-01-28 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > IT Information >

Shulou(Shulou.com)11/24 Report--

CTOnews.com, December 31 (Xinhua) according to a report from antivirus software company Dr.Web, a piece of malware aimed at 32-bit and 64-bit Linux distributions has been discovered recently, which exploits vulnerabilities in several outdated WordPress plug-ins and themes to inject malicious JavaScript scripts to allow attackers to operate remotely.

CTOnews.com learned that the main function of the Trojan is to use a set of continuously running hard-coding vulnerabilities to attack WordPress sites until one of them works. The target plug-ins and themes are as follows:

WP Live Chat Support Plugin

WordPress-Yuzo Related Posts

Yellow Pencil Visual Theme Customizer Plugin

Easysmtp

WP GDPR Compliance Plugin

Newspaper Theme on WordPress Access Control CVE-2016-10972)

Thim Core

Google Code Inserter

Total Donations Plugin

Post Custom Templates Lite

WP Quick Booking Manager

Faceboor Live Chat by Zotabox

Blog Designer WordPress Plugin

WordPress Ultimate FAQ (CVE-2019-17232 and CVE-2019-17233)

WP-Matomo Integration (WP-Piwik)

WordPress ND Shortcodes For Visual Composer

WP Live Chat

Coming Soon Page and Maintenance Mode

Hybrid

If the target site runs any of these outdated and vulnerable versions, the malware automatically fetches malicious JavaScript from its command and control (C2) server and injects scripts into the site.

These malicious redirects can be used for phishing, malware distribution, and malicious advertising campaigns to help evade detection and blocking. In other words, operators of automatic syringes may sell their services to other cyber criminals.

In addition, Dr. Web has evidence that WordPress add-ons used by hackers include:

Brizy WordPress Plugin

FV Flowplayer Video Player

WooCommerce

WordPress Coming Soon Page

WordPress theme OneTone

Simple Fields WordPress Plugin

WordPress Delucks SEO plugin

Poll, Survey, Form & Quiz Maker by OpinionStage

Social Metrics Tracker

WPeMatico RSS Feed Fetcher

Rich Reviews plugin

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.