Hundreds of WordPress Sites Victims of Fake Attacks

One of the most popular website creation and management tools in the world. of WordPress According to the research of a cyber security company called Sucuri, its users were attacked. But these attacks were actually partially fake attacks. All events are after what a website owner sees on their site. to Sucuri It started with a research request.

Visitors to the page were faced with an article stating that the website was ‘encrypted’. At the bottom of this article, there is a timer, and below it, 0.1 Bitcoin was requested to be sent to the specified cryptocurrency wallet in order to restore the site to its normal state. This attack on nearly 300 websites had been seen. But the website was actually not encrypted at all.

A request for money was made by making a fake attack with the plugin:

According to Sucuri’s research, the people who did this didn’t actually encrypt the site. Instead they played on A WordPress plugin named ‘Directorist’ they had installed it on their website, and thanks to this add-on, these articles were appearing before the visitors of the site. In addition, the plugin they prepared was unpublishing all posts in WordPress.

But the attackers’ websites How they accessed their panels is still unknown. According to Sucuri’s research, these people gained access to the administration panels of websites either by brute force (continuously trying different password combinations) or by purchasing information sold on the dark web.

It was too easy to dodge the attack. All one has to do is enter the WordPress admin panel. delete the plugin and republish all pages and posts had to. Thus, the website continued its life as if the attack had never happened. The attack can still be seen on some websites.