
BackupBuddy Plug-in for WordPress Under Attack Because of Zero-Day Vulnerability

Silviu STAHIE

September 09, 2022


Security researchers have discovered a new zero-day vulnerability affecting BackupBuddy, a WordPress plugin with more than 140,000 installs. The flaw allows attackers to download files from affected websites.

Criminals often target WordPress plugins because a single vulnerable component is enough to compromise the whole website. Because web admins often neglect to install the latest versions of the software and plugins running their sites, attackers have fertile ground.

But that’s assuming the developers know about vulnerabilities and have already released patches. In other situations, criminals use zero-day vulnerabilities, and no patches are available yet.

“After reviewing historical data, we determined that attackers started targeting this vulnerability on August 26, 2022, and that we have blocked 4,948,926 attacks targeting this vulnerability since that time,” said the security researchers from Wordfence.

“The vulnerability affects versions 8.5.8.0 to 8.7.4.1, and has been fully patched as of September 2, 2022 in version 8.7.5. Due to the fact that this is an actively exploited vulnerability, we strongly encourage you to ensure your site has been updated to the latest patched version 8.7.5 which iThemes has made available,” the researchers added.

Because this vulnerability is being exploited in the wild, the researchers have withheld technical details about it. They did, however, register over 4.9 million exploit attempts targeting it since August 26, 2022. Among the files attackers try to download are /wp-config.php and /etc/passwd, which could give them access to even more sensitive information, such as database credentials.

Fortunately, the vulnerability received a patch, and users of the BackupBuddy plugin are advised to upgrade their installation to version 8.7.5 as soon as possible. Given the size of the install base, it will take a while until the patch disseminates to all users, which means this attack will continue for some time.
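As an added illustration (not code from the article, Wordfence or iThemes), the script below checks an installed BackupBuddy version against the affected range the article quotes (8.5.8.0 through 8.7.4.1, fixed in 8.7.5) and scans web server access-log lines for requests that reference the two files the article says attackers are downloading. The article does not name the vulnerable endpoint or parameter, so the sample log lines are constructed and use a placeholder query string; only the file names are taken from the article.

```python
import re
from urllib.parse import unquote

# Affected range and fixed version as stated in the article (Wordfence advisory).
AFFECTED_MIN = (8, 5, 8, 0)
AFFECTED_MAX = (8, 7, 4, 1)
FIXED = (8, 7, 5)

def parse_version(v):
    """Turn '8.7.4.1' into a comparable tuple, padded to four components."""
    parts = tuple(int(p) for p in v.strip().split("."))
    return parts + (0,) * (4 - len(parts))

def is_affected(version):
    """True when the installed BackupBuddy version falls inside the affected range."""
    v = parse_version(version)
    return AFFECTED_MIN <= v <= AFFECTED_MAX

# Files the article says attackers try to download through the flaw.
SENSITIVE_TARGETS = ("wp-config.php", "/etc/passwd")

# Matches the request and status fields of a common/combined-format access log line.
LOG_LINE = re.compile(r'"(?:GET|POST) (?P<url>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def flag_requests(log_lines):
    """Return (url, status) for requests whose decoded URL names a sensitive file.
    The URL is decoded twice so that encoded (%2Fetc%2Fpasswd) and double-encoded
    (%252F) references are caught as well as plain ones."""
    hits = []
    for line in log_lines:
        m = LOG_LINE.search(line)
        if not m:
            continue
        decoded = unquote(unquote(m.group("url"))).lower()
        if any(target in decoded for target in SENSITIVE_TARGETS):
            hits.append((m.group("url"), int(m.group("status"))))
    return hits

# Constructed sample log lines; the plugin page and parameter names are placeholders,
# not the real vulnerable endpoint (which the article does not disclose).
SAMPLE_LOG = [
    '203.0.113.5 - - [26/Aug/2022:10:01:02 +0000] "GET /wp-admin/admin.php?page=PLACEHOLDER&download=%2Fetc%2Fpasswd HTTP/1.1" 200 1843',
    '203.0.113.5 - - [26/Aug/2022:10:01:05 +0000] "GET /wp-admin/admin.php?page=PLACEHOLDER&download=..%252F..%252Fwp-config.php HTTP/1.1" 403 0',
    '198.51.100.7 - - [26/Aug/2022:10:02:00 +0000] "GET /wp-content/uploads/photo.jpg HTTP/1.1" 200 52311',
]

if __name__ == "__main__":
    print("8.7.4.1 affected:", is_affected("8.7.4.1"), "| 8.7.5 affected:", is_affected("8.7.5"))
    for url, status in flag_requests(SAMPLE_LOG):
        print(f"suspicious request (status {status}): {url}")
```

A 200 status on a flagged request is the case worth investigating first, since it suggests the file was actually served rather than blocked.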
