Software when in the hand of the mindful few can reap some amazing benefits. But when they reach into the grasp of the notorious ones, the consequences can be dire and unfathomable. In today’s times, even the most trusted sources and portals cannot be trusted. Take everything with a pinch of salt. Lately, this has been proved by researchers that there have been found spiteful WordPress plugins which are being used judiciously. These infected plugins when used are secretly being able to bring in cryptocurrency with the aid of Linux binary code.
A cryptocurrency which is a digital property fabricated to work in a way which would become a source of exchange. This source makes use of potent cryptography to make safe and secure financial transactions. Moreover, it is responsible for the production of additional units and further verifying the to and fro movement and transfer of assets. These sources which are involved in the bitcoin mining process are servers which ask for a lot of input like electricity, hosting etc. To avoid all these the hackers very cleverly sneak into the servers that are already existing or n this case are the compromised ones and use them to mine cryptocurrency.
A team of researchers at the website security company named Scruri have come up with proof that the plugins were being used to maintain access to compromised servers. Reportedly their utilization had shown a rise in their graph in the past few months.
WordPress which a widely used and trusted content management system that is feasible with the MySQL or MariaDB database servers. Additionally, it has the plugin features system in place in their respective themes which help the users to manipulate and built a page from scratch. It has established itself and has earned a reputation of being the most idle website creation tool around the world, since its release on 27 May 2003. This news of software plugin manipulation news will greatly affect the user preferences too.
The malicious plugins which were made use of are a very crafty replica of the authentic software, that have been tampered with to look exactly the same but for unlawful activities. These clones have been very easy to recreate by hackers.
It has been found out in the research that these faux plugins made it on WordPress in different names like ‘initiatorseo’ or ‘updrat123’.
Something peculiar is that these plugin code names are different from their actual names. Although these plugins share something in common. For example, an identical structure and header comments of the infamous UpdraftPlus which a backup/restore plugin.
What’s more interesting to note is that, the hackers didn’t create a fake and pretentious Word Press plugin from the ground up. They simply manipulated the code of a pre-existing plugin and infused it with all sorts of atrocities.
Along with bringing the extent to which a hacker can go to, for bringing in terror and minting money, it also brings to the forefront the need of making a thorough virus scan and the need to make use of components that come from a trusted source