WordPress: hackers exploit a flaw, thousands of sites infected

Cybercriminals have carried out an attack against WordPress sites, modifying their content to run a spam campaign

Hackers have targeted WordPress. Last week the project released a fix for a 0-day flaw that put the privacy of its users at risk. Despite this, thousands of administrators have still not updated their sites, leaving them open to attackers.

First of all, it should be specified that in computer security a 0-day is any security vulnerability that is not yet publicly known. Such vulnerabilities are called 0-day because the developers learn of them only when they are already exploitable, leaving them little or no time to prepare a fix. They are typically used by attackers to gain unauthorized access to a vulnerable system. It must be said that WordPress, to protect the privacy and security of its users, nevertheless worked in private for a week with several companies specializing in computer security and released a patch that fixes the problem.

How to fix the WordPress flaw

Despite WordPress' work, the danger has not yet been removed. This is because many administrators have not updated their websites, so the bug is still present on some sites and hackers are already exploiting it. Not surprisingly, the news blog of one of the well-known Linux distributions, openSUSE (news.opensuse.org), was also infected. However, the blog was restored immediately and no other part of the infrastructure was breached.

The purpose of the attack

The vulnerability resided in the WordPress REST API. The flaw allows an attacker to delete pages of WordPress websites or modify them at will, in order to redirect traffic to malicious sites carrying ads and links that can infect a variety of devices. According to some studies, hackers managed in this way to modify or delete about 66 thousand web pages. In this case the purpose was to run an SEO campaign: spread spam and climb the search engine rankings so as to reach more and more users. There is only one piece of advice for not becoming a target of these SEO spammers and hackers: update WordPress to the latest version, 4.7.2.
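As an added example that is not part of the original article or of WordPress itself, the following Python script shows the two checks an administrator would want after reading the above: whether an installation is still below the fixed version 4.7.2 (read from the `$wp_version` assignment in `wp-includes/version.php`, a real file WordPress ships), and a quick triage of web server access logs for write requests (POST/PUT/PATCH/DELETE) against the REST API's posts route, which is where modified or deleted pages would come from. The `/wp-json/wp/v2/posts` path and the `rest_route=` query form are the documented REST API routes; the log format assumed is the common Apache/nginx combined format, and the log lines and version file below are constructed samples. Matching a write to the posts route is a generic hunting heuristic, not a signature of the specific flaw: a successful write from an unexpected IP is something to investigate, not proof of compromise.

```python
"""Defender-side triage for the WordPress REST API issue: version check + log review.

Added example; assumes the Apache/nginx combined log format and the documented
WordPress REST API posts routes. Sample data below is constructed, not real.
"""
import re
from typing import Dict, Iterable, List, Tuple

# Version the article names as the one that closes the flaw.
FIXED_VERSION = (4, 7, 2)

# wp-includes/version.php contains a line like:  $wp_version = '4.7.1';
VERSION_RE = re.compile(r"\$wp_version\s*=\s*'([^']+)'")


def parse_wp_version(version_php: str) -> Tuple[int, ...]:
    """Return $wp_version from the contents of wp-includes/version.php as an int tuple.

    Pre-release suffixes such as '4.7.1-alpha' keep only the leading digits of
    each component, and short strings such as '4.8' are padded to three parts so
    that tuple comparison against FIXED_VERSION works.
    """
    match = VERSION_RE.search(version_php)
    if not match:
        raise ValueError("no $wp_version assignment found")
    parts: List[int] = []
    for piece in match.group(1).split("."):
        digits = re.match(r"\d+", piece)
        parts.append(int(digits.group(0)) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def needs_update(version_php: str) -> bool:
    """True when the installation is older than the fixed release."""
    return parse_wp_version(version_php) < FIXED_VERSION


# Combined log format: ip ident user [time] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
WRITE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}


def targets_posts_route(path: str) -> bool:
    """Both URL forms WordPress accepts for the REST API posts route."""
    return path.startswith("/wp-json/wp/v2/posts") or "rest_route=/wp/v2/posts" in path


def suspicious_rest_writes(log_lines: Iterable[str]) -> List[Dict[str, object]]:
    """Collect write requests against the posts route, marking which ones succeeded.

    Rejected attempts (4xx) are kept too: they show who is probing, while the
    2xx entries are the ones whose pages should be inspected for injected content.
    """
    hits: List[Dict[str, object]] = []
    for line in log_lines:
        match = LOG_RE.match(line)
        if not match:
            continue  # not a combined-format line; skip rather than guess
        method, path, status = match.group("method"), match.group("path"), match.group("status")
        if method in WRITE_METHODS and targets_posts_route(path):
            hits.append({
                "ip": match.group("ip"),
                "time": match.group("ts"),
                "method": method,
                "path": path,
                "status": int(status),
                "succeeded": status.startswith("2"),
            })
    return hits


# Constructed sample input (documentation IP ranges, invented timestamps).
SAMPLE_VERSION_PHP = "<?php\n/**\n * The WordPress version string\n */\n$wp_version = '4.7.1';\n"
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Feb/2017:10:12:01 +0000] "GET /wp-json/wp/v2/posts/12 HTTP/1.1" 200 5123',
    '203.0.113.7 - - [06/Feb/2017:10:12:03 +0000] "POST /wp-json/wp/v2/posts/12 HTTP/1.1" 200 4881',
    '198.51.100.4 - - [06/Feb/2017:10:15:44 +0000] "POST /wp-json/wp/v2/posts/12 HTTP/1.1" 401 97',
    '198.51.100.9 - - [06/Feb/2017:10:16:02 +0000] "POST /index.php?rest_route=/wp/v2/posts/7 HTTP/1.1" 200 3210',
    '192.0.2.1 - - [06/Feb/2017:10:20:00 +0000] "GET /index.php HTTP/1.1" 200 9001',
]

if __name__ == "__main__":
    print("needs update:", needs_update(SAMPLE_VERSION_PHP), parse_wp_version(SAMPLE_VERSION_PHP))
    for hit in suspicious_rest_writes(SAMPLE_LOG):
        print(hit)
```

On a real server the version check reads `wp-includes/version.php` from the document root, and the log review is run over the full access log (or fed from a log shipper); pages named by the successful entries should be diffed against a known-good copy, since the campaign described above injects spam links and redirects rather than defacing a site visibly.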