“This thing doesn’t want to show itself, it wants to hide inside an imitation. It’ll fight if it has to, but it’s vulnerable out in the open. If it takes us over, then it has no more enemies, nobody left to kill it. And then it’s won.” -MacReady, John Carpenter’s The Thing
WordPress Attacks Happen Regularly
If you run a WordPress site to promote your business, you have probably noticed a number of probes or attacks over the last few months. On one of my WordPress sites, I noticed someone or something regularly probing the XML-RPC function in an attempt to enumerate my site's users and brute-force their passwords using the system.multicall method, which lets a single request bundle many login attempts. Globally, these infection attempts spiked in November of 2016, but the bad actors are still probing for sites regularly even as we speak.
If you have no idea what that means, just know that someone is launching a probe against your website in an attempt to hijack it for their own purposes.
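If you do want to know what that probing looks like, the short detector below, added here as an example and not part of the original post, reads web-server access-log lines and flags any source address that POSTs to xmlrpc.php repeatedly inside a short window, the signature of a multicall password-guessing run. The log lines are constructed samples, and the threshold and window are assumptions to tune for your own traffic.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in combined log format (not real traffic): one source
# hammers xmlrpc.php five times in five seconds, another posts once.
SAMPLE_LOG = """\
203.0.113.7 - - [04/Mar/2017:10:15:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
203.0.113.7 - - [04/Mar/2017:10:15:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
203.0.113.7 - - [04/Mar/2017:10:15:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
203.0.113.7 - - [04/Mar/2017:10:15:04 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
203.0.113.7 - - [04/Mar/2017:10:15:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
192.0.2.9 - - [04/Mar/2017:10:17:30 +0000] "POST /xmlrpc.php HTTP/1.1" 200 300 "-" "Jetpack"
198.51.100.2 - - [04/Mar/2017:10:16:00 +0000] "GET /wp-login.php HTTP/1.1" 200 1800 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*"'
)

def parse(lines):
    """Yield (ip, timestamp, method, path) for each well-formed line; skip the rest."""
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield m["ip"], ts, m["method"], m["path"].split("?", 1)[0]

def xmlrpc_bursts(lines, threshold=5, window_seconds=60):
    """Return {ip: total_posts} for sources that POSTed to xmlrpc.php at least
    `threshold` times within any `window_seconds` window (assumed defaults)."""
    hits = defaultdict(list)
    for ip, ts, method, path in parse(lines):
        if method == "POST" and path.endswith("/xmlrpc.php"):
            hits[ip].append(ts)
    window, flagged = timedelta(seconds=window_seconds), {}
    for ip, stamps in hits.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window's left edge forward
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = len(stamps)
                break
    return flagged

if __name__ == "__main__":
    for ip, count in xmlrpc_bursts(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {count} POSTs to xmlrpc.php in a short burst; review or block")
```

A single multicall POST can carry hundreds of login guesses, so a low threshold is reasonable; legitimate clients such as mobile apps or Jetpack post to xmlrpc.php only occasionally.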
Recently, on another one of my WordPress sites, I noticed a new probe – this one searching for the Symposium plugin. I performed a quick search on WordPress Symposium and found that it’s a social network plugin for WordPress allowing website owners to build custom social networks and forums. Sounds like a useful tool!
After digging further, I discovered that in December of 2016, bad actors launched a major offensive in site probes after the makers of Symposium discovered a zero-day vulnerability. Needless to say, the creators of this plugin patched it up and made the fix available.
So these ‘bad hombres’ are now out there infecting WordPress websites whose owners are ignorant that there’s a problem or don’t have time to perform updates regularly. You can find the full details on the probe in this Sucuri post.
Simple Tips to Protect Your WordPress Site
You want to protect your site? Here are a few simple exercises you can do immediately. Make sure you update your site to the latest release of WordPress (4.7.2 as of 2017-03-04) and that you update all of your plugins to the latest release as well.
Oh, and if you have a deactivated plugin on your site or you have a plugin that you don’t need, delete it. Don’t give these bad dudes any additional help on infecting your site with their rogue software.
There are some additional security activities you can perform on your website. But if you are a salesperson or a small business owner who is only trying to promote your name and your brand, these are the simplest and easiest activities to perform.
Keep your digital properties in your own hands. Don’t let a parasite take over your site!
Update 4/12/2017: WordPress 4.7.3 is now the latest version. Turn on automatic updates or perform the manual update today. Oh, and make sure you update your plugins and themes as well.