Hacked millions of WordPress pages!

κάνουν σάρωση για ιστότοπους with Epsilon Framework themes installed on more than 150.000 sites and are vulnerable to Function Injection attacks that could result in full access to the sites.

“To date, we have seen an increase of more than 7,5 million against more than 1,5 million sites targeting these vulnerabilities, originating from more than 18.000 IP addresses,” said Wordfence QA engineer and threat analyst Ram Gall.

Scan for vulnerable sites

The ongoing wave of attacks on vulnerable WordPress sites targets recently fixed vulnerabilities.

While security flaws discovered in recent months in themes using the Epsilon Framework could allow websites to be accessed through a exploit resulting in remote code execution (RCE), most of these ongoing attacks are designed only to detect vulnerabilities.

"We are not providing further details about the attacks at this time, as exploit does not appear to be in a mature state and a large number of IP addresses are being used," Gall added.

"These attacks use POST requests on admin-ajax.php and therefore do not leave separate log entries, although they will be visible in Wordfence Live Traffic."

Vulnerable theme editions

These targeted theme versions of Epsilon Framework are known to be vulnerable to these attacks:

Owners and webmasters running vulnerable versions of these themes are advised to notify an update immediately if available.

If not available at this time, they should turn to another issue as soon as possible to rule out attacks.

In May, another mass attack campaign targeted some 900.000 WordPress sites in one week, trying to "plant" backdoors or redirect visitors to malicious advertising sites.

One month later, another series of attacks attempted to collect credentials from databases of about 1,3 million pages with WordPress by downloading configuration files.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).