Researchers at the Georgia Institute of Technology have found that 25 thousand WordPress websites are infected with malicious plugins.
With the help of YODA, researchers found 47 thousand malicious plugins across 24931 unique WordPress sites. Every website in their dataset had two or more infected plugins, with 94% being active at a time.
With the help of YODA, researchers could trace malware used in WordPress plugins back to their source and find that it’s being sold on open markets or distributed via pirating sites.
Malicious plugins were found to be impersonating popular, legitimate marketplaces as well. Sometimes they’re offered on paid plugin sites with trial options.
The malicious plugins were also found to attack other plugins on the servers with WordPress installed to spread the infection. The most common forms of exploitation were cross-plugin infection or infection by exploiting existing vulnerabilities.
Malicious plugins can be damaging, but it is not impossible to take action. For example, owners could purge the malicious plugin from their browser and reinstall a malware-free version scanned for vulnerabilities.
It is not just with wordpress. Any platform with plugins that requires third-party applications to be installed for additional features could have malicious codes.
Wordpress just made it more manageable thanks to the fact that WordPress plugins are all written in PHP and can have their source code reviewed at will by anybody who wishes to do so.
However, a malicious WordPress plugin could ultimately lead to a complete takeover of any affected WordPress instances.
Keep your website safe and healthy.
Hire professionals from WPGeared who cares about your website on a regular basis.
Check out our monthly maintenance package and security packages that offers you a stress free blogging experience.