Home » News » Hackers used flaw in Yuzo Related Posts plugin for a massive attack on WordPress-powered websites

Hackers used flaw in Yuzo Related Posts plugin for a massive attack on WordPress-powered websites

Mail service Mailgun was attacked together with more than a thousand of other companies’ sites on Wednesday, April 10.

During the attack hackers exploited vulnerability in Yuzo Related Posts plugin that allows establishment of scripting between web-sites (XSS). With its help attackers implemented on vulnerable websites a code that redirects users on malware resources, including fake technical service portals, malicious software that was masked under updates, and ads.

“Our applications including the Mailgun Dashboard, APIs, and customer data stored on our platform were not impacted by this issue”, – the company Mailgun said in its status report page.

However, Mailgun was not the only victim of massive attack on websites with vulnerable plugin. Situation could be avoided is researcher that found it informed developer prior to RoS-exploit publishing.

Due to RoS-exploit publishing plugin same day had to be removed from official WordPress plugin library until patch release. Nevertheless, bulk of websites that use Yuzo Related Posts are still vulnerable. According to WordPress, at the moment of plugin removal it was established on 60 thousands websites.

On 10th of April, attacks came as an avalanche, and Yuzo Related Posts developer in dispatch asked website owners to remove problematic plugin. Defiant specialists say that for the attack is responsible one of the groups that actively exploit vulnerabilities in Easy WP SMTP and Social Warfare plugins.

Source: https://www.zdnet.com/article/mailgun-hacked-part-of-massive-attack-on-wordpress-sites/

[Total: 1    Average: 5/5]
READ  Mysterious woman-hacker published exploit for increasing vulnerability of rights increase in Windows 10

About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

Adwind attacks energy sector

RAT Trojan Adwind attacks US energy sector

Unknown attackers targeted infrastructure of the US electricity industry. With the help of malicious emails, …

Trojan Bolik masks under NordVPN

Bank Bolik Trojan masks itself under NordVPN

Doctor Web experts warned that attackers use copies of popular services sites to distribute Bolik …

Leave a Reply