Researchers at Defiant authored the popular Wordfence security solution for WordPress users and they have detected a massive campaign that has seen hackers actively scanning for websites employing the Kaswara Modern WPBakery Page Builder plugin.
The plugin was recently abandoned by the creative team behind it before receiving a patch for a critical security flaw.
The flaw, tracked as CVE-2021-24284 would allow an attacker to inject a malicious Javascript into any site using any version of the plugin, which would allow the uploading and deletion of files that could easily lead to a complete takeover of the site targeted.
What makes this campaign so impressive is the fact that the hackers have scanned more than a million and a half sites so far, searching for vulnerable targets. Fortunately, only a tiny percentage of sites scanned have been running the vulnerable plugin.
Based on the data collected, the campaign appears to have started on July 4th of 2022, and is ongoing to this day. The attacks originate from more than ten thousand unique IP addresses, indicating a large, organized group of attackers. The identity of the group behind the campaign is not known at this time.
The bottom line here is simple. If you are running this plugin, we recommend stopping immediately and uninstalling it. Since it has been abandoned by its authors, there's no fix coming and no matter how helpful it may have been to you, it's just not worth the risk.
Even if some other group adopts the plugin later, there's no telling how long it might take for that to happen. Even if it did, there's no way to know how long it might take them to develop a patch for it. For now then, your best bet is to treat this plugin as toxic and steer clear of it.
If this tip helps and you would like to donate click on the button. Thanks In Advance
________________________________________________________________________________________________________
"Fortune Favors Who Value Time over Money!"
"TeQ I.Q. was the 1st IT Company to Deliver Cloud Solutions since 2003"
Tech issues taking up your Time?
"TeQ I.Q. Makes Your Technology Simple and Easy"
Do you have Tech Frustrations like your Computer, Internet, Phone, Cellphone, Camera, TV, Car?
"We Take Away Your Tech Frustrations and Give You the Free Time You Deserve!"
Call Robert to ask all your Technology questions.
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
