Connect with us


WordPress sites get hacked by fake ransomware




Hackers have been carrying out systematic attacks on websites hosted on WordPress. Just last week, 300 of them began to display messages that had been encrypted, as reported by the Bleeping Computer on Tuesday (16).

The most curious thing, according to the website, is that there was no type of encryption, but a real notice of redemption request for restoration, of 0.1 Bitcoin.

Although the figure is low compared to what is set for high profile ransomware attacks, it still represents a significant impact for many hosting service website owners. And what’s most disturbing about these WordPress ransom calls is that they’re accompanied by a countdown timer, to evoke a sense of urgency that bewilders the web administrator.

Hired by one of the victims, Brazilian cybersecurity company Sucuri investigated the attacks and found that the websites were never actually encrypted. What the hackers did was a modification in a WordPress plugin that was already installed, so that the code started to display the ransom note.

How did hackers create a fake ransomware attack?

Source: Sucuri/ReproductionSource: Sucuri/ReproductionSource: Sucuri

The plugin modified by the WordPress site attackers not only displays a ransom note but also makes modifications to all blog posts, changing the ‘post_status’ to ‘null’, that is, changing their status to ‘unpublished’. At first, it’s as if the entire site had been encrypted, but as soon as the experts removed the plugin and ran a command to republish the posts, the site was back to normal.

After tracking around 291 infected websites, Sucuri identified the modified Directorist plugin as the source of the attacks. In an update made by Bleeping Computer, the site reports having received a tip about a recent fix of the aforementioned plugin, addressing a bug that allowed the execution of arbitrary code by low-privileged users, which seems to confirm the Sucuri report.


Customize Your Entire Site With New Block Themes – News



Customize Your Entire Site With New Block Themes – News

Customize Your Entire Site With New Block Themes

Experiment with a new look for your site with themes created to take advantage of Full Site Editing.

In case you missed it, we’ve been rolling out a new set of powerful site design tools called Full Site Editing (or “FSE”) and it’s now available for all users!

Don’t worry if you’re just hearing about Full Site Editing for the first time. We’ve been releasing these new tools in a way that doesn’t actually require you to do anything with your existing site(s). If you are up for a change though, we’re happy to announce the launch of a brand new family of themes made specifically with Full Site Editing features in mind. As of this writing we have over two dozen themes available that support Full Site Editing.

These new themes have been designed with a wide variety of sites cases in mind. But their potential stretches well beyond their screenshots and demo sites. Because each theme is fully editable in the Site Editor, every one of these themes can be heavily customized to fit your site’s needs. You can start with theme that features single minimalist homepage, and then add as many menus and sidebars as you wish. Or, you can start with a complex business theme and strip it down to something minimal to suit your vision.

The Site Editor also includes a new feature called “Global Styles,” which allows you to edit site-wide settings for color, typography, and more. You’re free to change your theme’s default color scheme to whatever fits your mood, or even make all site text larger or smaller in a couple of clicks. To kick off this new feature, we’re also providing a few pre-built variations on some of these new themes.

All the new themes and variations can be found in the Theme Showcase. Or, if you’re starting a fresh site, they’ll be offered to you automatically in the site creation flow. This collection of themes is just the beginning, and we’re excited to continue launching a variety of diverse theme options for you. What would you like to see in the next set of themes on

Source link

Continue Reading

Subscribe To our Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address