Hackers used flaws in the Yuzo Related Posts plugin for a massive attack on WordPress-powered sites

The email service Mailgun was attacked along with more than a thousand sites of other companies this Wednesday, April 10.

During the attack, hackers exploited a vulnerability in the Yuzo Related Posts plugin that allows cross-site scripting (XSS). With its help, the attackers injected code into vulnerable sites that redirects users to malicious resources, including fake technical support portals, malicious software masked as updates, and ads.

“Our applications including the Mailgun Dashboard, APIs, and customer data stored on our platform were not impacted by this issue”, the company Mailgun said on its status report page.

However, Mailgun was not the only victim of the massive attack on websites with the vulnerable plugin. The situation could have been avoided if the researcher who found the vulnerability had informed the developer before publishing the PoC exploit.

Because the PoC exploit was published, the plugin had to be removed from the official WordPress plugin library the same day, until a patch is released. Even so, the bulk of websites that use Yuzo Related Posts are still vulnerable. According to WordPress, at the moment of the plugin's removal it was installed on 60 thousand websites.

On the 10th of April, the attacks came as an avalanche, and the Yuzo Related Posts developer, in a notice, asked website owners to remove the problematic plugin. Defiant specialists say that the attack is the work of one of the groups that actively exploit vulnerabilities in the Easy WP SMTP and Social Warfare plugins.

Source: https://www.zdnet.com/article/mailgun-hacked-part-of-massive-attack-on-wordpress-sites/

Polina Lisovskaya

I have worked as a marketing manager for years and love researching interesting topics for you
