A massive WordPress redirect campaign has been discovered by security researchers at Sucuri* who say that cybercriminals are leveraging an old vulnerability in tagDiv themes and a new one found in the Ultimate Member plugin.
Chris Olson, CEO at The Media Trust:
“The redirect campaign targeting tagDiv themes and Ultimate Member plugins underscores the need for website owners using standard hosting services to perform the needed upgrades to keep their sites secure. Too often, once the site is launched, they focus only on content updates and any latency issues while forgetting about code updates on their plugins and website frameworks. That is, until bad actors breach their sites through a vulnerability. This passive, if uninformed, approach to website operations exposes website owners to the risk of being hacked and of infringing consumer protection laws like the California Consumer Protection Act and the EU’s GDPR. Given the increasing sophistication and potency of malware that can escape detection by traditional antivirus solutions, website owners should maintain an updated inventory of all the direct and indirect third parties that support their sites. They should also work with third parties on enforcing their digital policies, as well as on keeping track of and performing the needed updates as soon as they are available. Finally, they should continuously scan their website in real-time for any activities that violate their policies. Data leakage could far more seriously damage a business than website latency.”