• Home
  • About
    • About Us
    • Our Team
    • Case Studies
  • Services
    • E-Commerce Solutions
    • Mobile Application Development
    • Web Development / Enhancement
    • WeChat Development Services
      • WeChat Subscription Account
      • WeChat Service Account
      • WeChat Mini Program
      • Our Clients
    • Internet Marketing & Advertising
    • Web Hosting & Domain
  • Coding Academy
  • Blog
  • Contact Us

WordPress Hackers Anywhere

April 19, 2018

  • 0 Comments
  • Bravo Net
  • News & Update, Security

Apparently we’ve been targeted again due to unknown WordPress theme source code being uploaded to one of our hosting account by our client. The code files left a backdoor for hackers to inject malicious code again.

Please please please remember don’t upload “FREE THEME” or “Plugins” from unknown source, most of the time they have backdoor with it. A lot of WordPress users (not programmers) apparently don’t know the underlying danger behind all these code files.  p.s: i’ve been one of them before.

Unluckily our website became one of the victims,

Lucky, we found out early. They manage to upload web shell “WSO 2.6” and apparently this script manage to bypass shell,exec etc PHP default functions.

Several harms that they had done on the side including mass content edit & mass password change etc.

The web shell script injected has been encrypted

So what’s our approach?

It seem impossible to prevent all these suspicious code to run by hardening PHP with disable_functions. The malicious code needs safe_mode to be off which is not possible to widely enable in PHP5.6 (safe_mode has been removed since PHP5.4).

I realised that they  started the attack at midnight 2.30 AM, probably run by bot to scan and look for all the files that’s possible planted by them in some of the directories.

We did some security prevention in our server to prevent all these code being injected again and reduce the possibility of being execute.

Educating our clients is the most important part in the entire experience.

If you are facing any security problem, feel free to look for advise from us.

 

 

 

Post navigation

← Previous Post Previous post:
Next Post → Next post:

About Author: Bravo Net

All Comments


    Write a Comment

    Cancel

    ABOUT US

    Bravo Net Solution is a digital agency dedicated to building a better internet by providing innovative solutions to clients with the vision to have their businesses connected to the digital world.

    FIND US

    Address
    Unit 1009, Lobby 3, 10th Floor, Block A,
    Damansara Intan, Jalan SS20/27,
    47400 Petaling Jaya, Selangor Darul Ehsan
    Malaysia

    Hours
    Monday—Friday: 10:00AM–6:00PM

    Contact
    Tel: +6011 2020 9588
    Email: [email protected]

    Quick link

    E-Commence Solutions

    Mobile Application Development

    Web Development / Enchancement

    WeChat Development Services

    Internet Marketing & Advertising

    Web hosting & domain

     

     

     

     

    ©Copyright 2017 Bravo Net Solution, a wholly owned subsidiary of Sapiens Technologies Sdn Bhd. All Rights Reserved.

    FacebookLinkedin
    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok