“This thing doesn’t want to show itself, it wants to hide inside an imitation. It’ll fight if it has to, but it’s vulnerable out in the open. If it takes us over, then it has no more enemies, nobody left to kill it. And then it’s won.” -MacReady, John Carpenter’s The Thing

WordPress Attacks Happen Regularly

If you run a WordPress site promoting your business, you have probably noticed a few attacks over the last few months. On one of my WordPress sites, I noticed someone or something regularly probing the XML-RPC function in an attempt to identify my site users and brute-force their passwords using the system.multicall method. Globally, these infection attempts spiked in November of 2016, but the bad actors are still probing for sites regularly even as we speak.

If you have no idea what that means, just know that someone is launching a probe against your website in an attempt to hijack it for their own purposes.
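For site owners who can edit files, the probe described above can be shut down at the source. The following must-use plugin is an added example for this post, not code from the original post or from WordPress; it uses WordPress's own `xmlrpc_enabled`, `xmlrpc_methods` and `xmlrpc_login_error` filters, and the `EXAMPLE_KEEP_XMLRPC` constant is a name chosen here for illustration. Drop it into `wp-content/mu-plugins/` and WordPress loads it automatically.

```php
<?php
/*
Plugin Name: Disable XML-RPC brute-force surface (added example)
Description: Turns off XML-RPC entirely, or, if something on the site still
needs it, removes only the system.multicall and pingback methods that the
password-guessing probes rely on.
*/

// Set to true only if a tool you use (a mobile app, a remote publishing
// client) genuinely needs XML-RPC. Hypothetical constant name for this example.
define( 'EXAMPLE_KEEP_XMLRPC', false );

if ( ! EXAMPLE_KEEP_XMLRPC ) {
    // Answer every XML-RPC request with a fault before any method runs.
    add_filter( 'xmlrpc_enabled', '__return_false' );
} else {
    // Keep XML-RPC, but remove system.multicall so a single request can no
    // longer bundle hundreds of login attempts against one user account.
    add_filter( 'xmlrpc_methods', function ( $methods ) {
        unset( $methods['system.multicall'] );
        // pingback.ping is the other method commonly abused from the outside.
        unset( $methods['pingback.ping'] );
        return $methods;
    } );
}

// Record each failed XML-RPC login so the probes show up in the PHP error log
// (and can be fed to a rate-limiting tool such as fail2ban).
add_filter( 'xmlrpc_login_error', function ( $error, $user ) {
    $ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
    error_log( sprintf( 'XML-RPC login failure from %s', $ip ) );
    return $error;
}, 10, 2 );
```

With the constant left at `false`, a request to `xmlrpc.php` gets a fault response stating that XML-RPC services are disabled, and no method, multicall or otherwise, is dispatched. Check afterwards that nothing you rely on broke: some mobile apps and publishing clients talk to WordPress only over XML-RPC.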

Recently, on another one of my WordPress sites, I noticed a new probe – this one searching for the Symposium plugin. I performed a quick search on WordPress Symposium and found that it’s a social network plugin for WordPress allowing website owners to build custom social networks and forums. Sounds like a useful tool!

After digging further, I discovered that in December of 2016, bad actors launched a major offensive in site probes after the makers of Symposium discovered a zero-day vulnerability. Needless to say, the creators of this plugin patched it up and made the fix available.

So these ‘bad hombres’ are now out there infecting WordPress websites whose owners don’t know there’s a problem or don’t have time to perform updates regularly. You can find the full details on the probe in this Sucuri post.

Simple Tips to Protect Your WordPress Site

You want to protect your site? Here are a few simple exercises you can do immediately. Make sure you update your site to the latest release of WordPress (4.7.2 as of 2017-03-04). Oh, and make sure you update all of your plugins to the latest release as well.

Oh, and if you have a deactivated plugin on your site, delete it. Don’t give these bad dudes any additional help on infecting your site with their rogue software.

There are some additional security activities you can perform on your website. But if you’re a salesperson who’s only trying to promote your name and your brand, these are the simplest and easiest activities to perform.

Keep your digital properties in your own hands. Don’t let a parasite take over your site!

Update 4/12/2017: WordPress 4.7.3 is now the latest version. Turn on automatic updates or perform the manual update today. Oh, and make sure you update your plugins and templates as well.