Wordpress Hack Exploits Old Code
Attackers have exploited an old WordPress vulnerability to infect more than one thousand websites with malware capable of injecting malvertising and even creating a rogue admin user with full access privileges, according to researchers.
The exploited flaw is specifically found in outdated versions of the WordPress tagDiv Newspaper and Newsmag themes, according to a December blog post in a security company update.
1) If the visitor is determined to be logged in as an admin user, the malware creates the rogue user “simple001” with full admin privileges, allowing for complete takeover of the site.
2) If visitors are not logged as an admin and they have not been to the site within the last 10 hours, then the malware commences a chain of redirects that sends them to various scam and advertisement sites.
Wordpress is the most popular website building platform in the world and many live sites are never updated with the latest securtity patches, leaving them vulneable to this variant. If you are using the Wordpress platform, make sure you respond to all security updates as you receive them.
You have to be right every time - hackers need to be right only once.