Blogger vs WordPress Blog

By Stu Sjouwerman, CEO KnowBe4

Antivirus is not catching it yet making this a very dangerous situation. Word Press sites have been repeatedly hacked throughout 2014 and 2015. Looks like 2016 will be no different. So far, no one has figured out exactly how the sites are getting compromised.

Researchers from Malwarebytes and other security firms have reported that a massive number of legit WordPress sites are silently redirecting visitors to sites with the Nuclear Exploit Kit. "WordPress sites are injected with huge blurbs of rogue code that perform a silent redirection to domains appearing to be hosting ads," Malwarebytes Senior Security Researcher Jérôme Segura wrote in a recent Malwarebytes blog post. "This is a distraction (and fraud) as the ad is stuffed with more code that sends visitors to the Nuclear Exploit Kit."

The compromised WordPress sites included encrypted code at the end of all legitimate JavaScript files. The attack tries to conceal itself and the code redirects end-users through a series of sites before dropping the ransomware payload. Once a WP server is infected, the malware also installs a variety of backdoors.

The malware tries to infect all accessible .js files.

What to do if you are running WordPress:

Patch server operating systems. Make sure you have all the latest updates.

Patch WordPress.

Get rid of as many WP plugins as possible and patch the current ones.

Update all your WP instances at the same time to prevent cross-infections.

Lock down all WP instances with a very strong password and the WP 2-factor authentication.

Protecting a network and your users:

Keep servers and workstations updated at all times.

Backup your data and keep daily off-site backups. Regularly TEST, TEST, TEST to make sure your restore functions actually work. The latter is often overlooked.

Provide end-users with the 64-bit version of Google Chrome if possible.

Run the latest V5.5 of Microsoft's Enhanced Mitigation Experience Toolkit (EMET) on workstations.

Step all users through effective security awareness training as this keeps your users thinking about security and helps them play their part in keeping everyone safe online. Stu Sjouwerman (pronounced "shower-man") is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2 013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.Related Keywords:Wordpress Malware

Source:Digital Media Online. All Rights Reserved

Source: Have you fixed your WordPress site yet?