When a WordPress security breach hits website security
The security breach at WordPress.com hit a site with more than 500 million unique visitors, according to the company.
It was reported Thursday by security firm Symantec.
Symantec chief research officer Jonathan Zdziarski told CBS News that WordPress has been “on lockdown since May.”
“We’ve been locked down for the past six months,” Zdziarski said.
“And that’s because we’ve been monitoring the WordPress security community, monitoring our users, and we’ve seen a very high percentage of active attackers.”
Symantec researchers were able to trace more than 200 attacks to the WordPress team, according to a Symantec blog post.
The attack also compromised the WordPress password manager.
“In all, Symantec researchers have identified over 400 instances where attackers were able to target WordPress users by sending emails with the username “wp-admin,” “[email protected],” or “[email protected].”
“The attackers then used the WordPress site’s API to steal login credentials, and they sent them to a remote server.”
The company has been testing its WordPress plugin, Wix, to make it more secure.
“We’re working on the technical solutions, so we’re going to roll that out in the next few weeks,” he said.
The WordPress plugin is built with the same technology as WordPress.
“The reason we don’t have this plugin, the reason we’re not rolling it out, is because of the WordPress community,” Zdziarski said.
Zdziarski did not say whether Symantec has fixed the problem with the WordPress plugin.
Symantec has also seen attacks directed at websites that run a WordPress theme.
He said Symantec’s WordPress team is working to fix this problem.
“WordPress is a core part of our security and we’re doing all we can to make sure that we are as safe as we can be,” Zdziarski added.
Symantec also said it has seen attacks targeting websites that use WordPress’s theme editor.
“If you’re running a theme editor on WordPress, you are vulnerable to these kinds of attacks,” Zdziarski added.
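The practical check a site owner can make against the theme-editor exposure described above is to switch off WordPress’s built-in file editor so that a compromised administrator session cannot write PHP into a theme or plugin. The following wp-config.php lines are an added example, not code from the article or from Symantec; the two constants are WordPress’s own, and the “weak” state is simply their absence (the editor is on by default).

```php
<?php
// Added example (not from the article or Symantec): hardening lines for wp-config.php.
//
// Weak (default) state: neither constant is defined, so any user with the
// edit_themes / edit_plugins capability gets "Appearance > Theme Editor" and
// "Plugins > Plugin Editor" and can write arbitrary PHP into the site.
//
// Hardened state: define the constants before the "That's all, stop editing!" line.

// Removes the Theme Editor and Plugin Editor screens from wp-admin entirely.
define( 'DISALLOW_FILE_EDIT', true );

// Stricter, optional: also blocks installing and updating plugins and themes from
// the dashboard, so a stolen admin login cannot upload a backdoored plugin either.
// Only enable this if you deploy updates another way (e.g. from version control).
define( 'DISALLOW_FILE_MODS', true );
```

After adding the lines, confirm the editor is gone by logging in as an administrator and checking that the Appearance and Plugins menus no longer offer an editor entry; if they still do, the constants were placed below the `/* That's all, stop editing! */` line and are being ignored.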
It also showed that the attack was able to steal passwords from a WordPress user’s account.
The attackers used the same technique that was used in the attack that was reported on Thursday.
“One of the phishers was sending them to the address you see above, and then we were able, in a little bit of time, in a matter of hours, to identify the email addresses associated with the email messages,” Zdziarski said in a Symantec blog post about the attacks.
The Symantec team has now disabled the WordPress theme editor plugin and the WordPress API.
The theme editor allows users to add custom widgets, like the WordPress logo and a custom banner.
The security researcher said that WordPress developers should review the WordPress themes and plugins they’re using, because they may have been compromised by attackers.
“They’re going through that very carefully, and as soon as they know, they should disable them,” Zdziarski told CBS News.
The blog post also pointed out that Symantec WordPress security researcher Matt DeHart told CBS News that the theme editor was not being used at Symantec.
Symantec also said it has patched vulnerabilities in the theme manager that could allow attackers to steal WordPress passwords.
“Symantec researchers have found vulnerabilities in WordPress, including the theme-manager vulnerability, which could allow for remote code execution,” Symantec’s blog post said.
Symantec’s blog post did not address how the attackers were using the theme editor to get into the WordPress developers’ account.