A vital aspect of keeping your website safe, and one that is often overlooked, is that of the CMS system. An up-to-date CMS system could be the difference between a safe site and one that is easily hacked.
Why is this so important? Hackers are getting more and more advanced by the day, and software developers have to update their systems to keep up with this. They update the software to be able to withstand the latest hacks. So by having the newest version, you stand the best chance of protecting your website from getting hacked.
The following is a message received from a server company after a website with an out-dated CMS system was hacked:
“The following new malware has been identified on your account and the offending domain has been suspended.
{HEX}
base64.inject.unclassed.3 : /home/yoursite/public_html/modules/mod_tags_popular/tmpl/wp-info.php
This domain was running old versions of Joomla, WordPress, and various plugins. One of these has been exploited by attackers to place this and other malicious scripts on the account. It is absolutely imperative that you keep all scripts updated to the latest version at all times.”
Not only would this hack cause your website to either display incorrectly or crash entirely, but it collects your database, providing passwords and other sensitive information you have stored.
As a webmaster, you should do your utmost to prevent this from happening. Make sure your CMS and all plugins are always up to date!
Keep a look out for the following malware:
{CAV}Php.Trojan.StopPost : /public_html/wp-includes/class-wp-xmlrpc-server.php
{CAV}Php.Trojan.StopPost : /public_html/wp-includes/class-wp-ajax-response.php
{CAV}Php.Trojan.StopPost : /public_html/wp-includes/js/tinymce/themes/modern/footer.php
{CAV}Php.Trojan.StopPost : /public_html/wp-content/themes/clarity/js/prettyPhoto/images/thumbnails/gallery.php
{CAV}Php.Trojan.StopPost : /public_html/wp-content/plugins/wp-table-reloaded/img/sql.php
{CAV}Php.Trojan.StopPost : /public_html/wp-content/plugins/smart-youtube/themes/theme4/template.php
{CAV}Php.Trojan.StopPost : /public_html/wp-content/plugins/smart-youtube/themes/theme1/images/internet_explorer/css.php
{CAV}Php.Trojan.StopPost : /public_html/wp-content/plugins/gallery-plugin/bws_menu/languages/functions.php
Your website is hacked and server used to send thousands of emails to unknown email holders.
In this case public_html/tmp/system.php was executed to inject malicious code into 102 different PHP scripts on the domain.
1YsxVA-0042zI-8f <= nancy_nixon@yourdomain.com U=jb2 P=local S=899 T=”Top Affordable Viagra pack” for tazilla8u@yahoo.com
1YsxVA-0042zX-B2 <= nancy_nixon@yourdomain.com U=jb2 P=local S=899 T=”Top Affordable Viagra pack” for tazilla@comcast.net
1YsxVA-0042zr-DO <= nancy_nixon@yourdomain.com U=jb2 P=local S=903 T=”Top Affordable Viagra pack” for tazillo03@hotmail.com
1YsxVA-004307-Fi <= nancy_nixon@yourdomain.com U=jb2 P=local S=903 T=”Top Affordable Viagra pack” for tazilon2003@yahoo.com
1YsxVA-00430N-Hv <= nancy_nixon@yourdomain.com U=jb2 P=local S=901 T=”Top Affordable Viagra pack” for tazim.aovi@gmail.com
1YsxVA-00430b-KF <= nancy_nixon@yourdomain.com U=jb2 P=local S=895 T=”Top Affordable Viagra pack” for tazim14@yahoo.com
1YsxVA-00430u-Mb <= nancy_nixon@yourdomain.com U=jb2 P=local S=899 T=”Top Affordable Viagra pack” for tazim2ali@gmail.com
1YsxVA-004319-Ot <= nancy_nixon@yourdomain.com U=jb2 P=local S=909 T=”Top Affordable Viagra pack” for tazim2tazim2@hotmail.com
1YsxVA-00431S-RI <= nancy_nixon@yourdomain.com U=jb2 P=local S=895 T=”Top Affordable Viagra pack” for tazim78@gmail.com
1YsxVA-00431k-Td <= nancy_nixon@yourdomain.com U=jb2 P=local S=901 T=”Top Affordable Viagra pack” for tazimali26@gmail.com
Other affected files include
{CAV}Php.Trojan.StopPost : /home/public_html/images/prettyPhoto/plugin.php
{CAV}Php.Trojan.StopPost : /home/public_html/images/images/prettyPhoto/plugin.php
{CAV}Php.Trojan.StopPost : /home/public_html/images/images/uploads/media/dir.php
{CAV}Php.Trojan.StopPost : /home/public_html/images/images/uploads/media/ini.php
{CAV}Php.Trojan.StopPost : /home/public_html/images/uploads/media/dir.php
{CAV}Php.Trojan.StopPost : /home/public_html/images/uploads/media/ini.php
Why you should update your WordPress.
“WordPress 4.1.2 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This was reported by Cedric Van Bockhaven and fixed by Gary Pendergast, Mike Adams, and Andrew Nacin of the WordPress security team.”
Why you should update your Joomla.
0