How to Protect Yourself from the Latest WordPress Malware Attack

As one of the most popular website building tools in the world, WordPress is once again a target for malware.

As one of the most popular website building tools in the world, WordPress has once again become a target for malware. While security researchers are still trying to figure out how certain sites are getting infected, there are ways to check if your WordPress site is one of the victims and protect yourself against any future attacks.

WordPress website may have some malicious code

A team of security researchers from c/side, a cybersecurity firm, reported that 5,000 WordPress websites were targeted in a recent malware campaign. According to a report on the c/side blog, a malicious domain called WP3.XYZ is being 'used to expose sensitive data, including administrator credentials and activity status ,' and allows the attackers to create unauthorized admin users. Those fake admins can then download dangerous WordPress plugins onto the vulnerable sites.

How to Protect Yourself from the Latest WordPress Malware Attack Picture 1

The good news is, acting as unauthorized admin accounts can be detected in the code, allowing you to review your site and remove them, along with any mysterious plugins.

How to check if a website is infected with malware and is protected

If you have a WordPress site, you should check your site's security using one of the following resources:

PublicWWW.com
URLScan.io

If vulnerabilities are highlighted, you should log into your WordPress account to remove unused, suspicious plugins as well as unauthorized admins.

Whether or not your site has been hit by the latest malware, you should still take steps to protect your WordPress site. For this attack, you can quickly implement protection by blocking the following domains in your firewall or security tool:

https://wp3[.]xyz

In addition to blocking malicious domains like these, you can also set up multi-factor authentication (MFA) for your account. Finally, you can add or double-check that you have protection against Cross-Site Request Forgery (CSRF) attacks.

The team at c/side is still investigating the source of the malicious scripts, so we don't know exactly where the vulnerability lies. However, third-party plugins and poorly built website themes are often sources of malware. For this reason, you should check the source of your plugins to make sure they are well-reviewed and trustworthy.

Cyber-attacks, website hacks and phishing attacks are unfortunate realities of the digital age and it's important to stay vigilant, even if you'd rather leave your website alone while you focus on other areas of your business or personal life.