Blog | G5 Cyber Security

Crooks spreads backdoor devised as a security WordPress Plugin

Experts from Sucuri discovered crooks are spreading a fake WordPress plugin dubbed X-WP-SPAM-SHIELD-PRO containing a backdoor. The fake plugin features legitimate structure and file names, but that all of its contents are fake. The plugin implements a custom sendPost() function that is used to collect information from the WordPress install and send it to the attackers. It also includes a file called plugin-header.php, used by crooks designed to add an additional administrator account mw01main to the WordPress.”]

Source: https://securityaffairs.co/wordpress/63585/malware/wordpress-fake-plugin-backdoor.html

Exit mobile version