WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws

Secondly, the malware is able to exploit a wide range of vulnerabilities in WordPress and other CMS systems. This includes vulnerabilities that have already been patched by the development team, as well as those that are yet to be fixed. This allows the malware to gain access to the website’s underlying code and install a malicious payload, which can be used to steal sensitive information or launch further attacks.

The malware was first discovered by researchers at Sucuri, who noticed an increase in attacks on WordPress websites that were using outdated versions of the CMS. Upon further investigation, they found that the attacks were being carried out by CT-Linux, which was using a variety of tactics to gain access to the target website.

One of the primary methods being used by CT-Linux is the exploitation of known vulnerabilities in WordPress and other CMS systems. As mentioned earlier, the malware is able to identify and exploit over two dozen vulnerabilities, including those that have already been patched by the WordPress development team. This is a particularly worrying aspect of the malware, as it means that even websites that are using the latest version of WordPress may still be at risk of being compromised.

Another tactic being used by CT-Linux is the use of brute force attacks to guess login credentials. The malware is able to quickly try thousands of different username and password combinations in order to gain access to the website’s administrative panel. This means that even websites with strong passwords may still be at risk of being hacked if the malware is able to guess the correct login credentials.

The targeted plugins and themes are below:

• WP Live Chat Support
• Yuzo Related Posts
• Yellow Pencil Visual CSS Style Editor
• Easy WP SMTP
• WP GDPR Compliance
• Newspaper (CVE-2016-10972)
• Thim Core
• Smart Google Code Inserter (discontinued as of January 28, 2022)
• Total Donations
• Post Custom Templates Lite
• WP Quick Booking Manager
• Live Chat with Messenger Customer Chat by Zotabox
• Blog Designer
• WordPress Ultimate FAQ (CVE-2019-17232 and CVE-2019-17233)
• WP-Matomo Integration (WP-Piwik)
• ND Shortcodes
• WP Live Chat
• Coming Soon Page and Maintenance Mode
• Hybrid
• Brizy
• FV Flowplayer Video Player
• WooCommerce
• Coming Soon Page & Maintenance Mode
• Onetone
• Simple Fields
• Delucks SEO
• Poll, Survey, Form & Quiz Maker by OpinionStage
• Social Metrics Tracker
• WPeMatico RSS Feed Fetcher, and
• Rich Reviews

What Can You Do to Protect Your WordPress Website from This New Strain of Linux Malware

As the most widely used CMS in the world, it is important for WordPress users to take steps to protect their websites from the CT-Linux malware and other threats. Here are some measures that you can take to help ensure the security of your WordPress website:

1. Keep your CMS and any themes or plugins up to date: One of the most effective ways to protect your website from the CT-Linux malware is to ensure that you are using the latest version of WordPress and any themes or plugins that you are using. This will help to ensure that any known vulnerabilities have been patched and that your website is less likely to be targeted by attackers.
2. Use strong, unique passwords: Another important measure to take is to use strong, unique passwords for your WordPress website and any other online accounts. Avoid using easily guessable passwords such as “123456” or “password,” and consider using a password manager to help you generate and store strong, unique passwords.
3. Enable two-factor authentication: If available, be sure to enable two-factor authentication for your WordPress website and any other online accounts. This will require you to provide an additional piece of information, such as a code sent to your phone, in order to log in, making it much more difficult for attackers to gain access to your account.
4. Install security plugins: Consider installing a security plugin such as Wordfence or Sucuri to add an extra layer of protection to your WordPress website. These plugins can help to block malicious traffic and alert you if there are any suspicious activities on your website.
5. Regularly back up your website: Be sure to regularly back up your WordPress website. This will allow you to restore your website to a previous, uninfected state in the event that it does get hacked.

By taking these steps and following good security practices, you can help to ensure the security of your WordPress website and protect it against the CT-Linux malware and other threats. It is also a good idea to stay up to date on the latest security risks and to seek out additional resources and guidance as needed.

Overall, the discovery of CT-Linux highlights the importance of staying up to date and following good security practices in order to protect your WordPress website from potential attacks. By taking the necessary precautions, you can help to ensure that your website remains secure and protected from this and other threats.