Why content management systems (CMS) remain the hackers' favorites

Introduction

In early 2013, use of CMSs such as Joomla and WordPress was on the rise, and the trend continues. Standard configurations and add-ons that have not been through quality assurance (QA), coupled with rapid development, help make a CMS the perfect target.

Packages like Joomla and WordPress (our focus here) are popular because of their ease of use. This ease of use and rapid add-on development come with some inherent hidden dangers.

Once identified, a vulnerability in one of these popular CMSs usually lends itself to an "exploit once, repeat many" approach. Cyber criminals therefore move quickly to exploit and use sites with these vulnerabilities, usually for the following reasons:

Widespread use of the software: according to several studies, it is estimated that more than 50% of WordPress installs are utilized.

Ability to standardize and automate: from the attackers' perspective, this is a quick way to expand their botnet.

Who is affected?

Two main parties are affected by such a security breach: the site and its visitors.

WordPress is used most heavily by SMBs (small businesses). This is probably because WordPress is a user-friendly and feature-rich CMS that can be used without being technically proficient. Small and medium businesses are not the only ones affected, but they are generally the least knowledgeable about securing their sites.

Users who connect to the exploited site also become potential targets. The reason is that the attacker is likely to leave malware embedded in the site and try to infect any user who connects to it.

What is the impact and why should I be careful?

Hackers and cyber criminals want to exploit your CMS not only to steal all of its user accounts and data, but also to infect users who connect to the site with malware. When an unsuspecting user becomes infected, their machine is added to a botnet to be exploited by the malware's operators (the bot masters). This generally includes things like credit card theft, extraction of private information, or being activated to take part in a DDoS attack or other malicious activity.

Impact on hacked site owners:

Being flagged by Google and other software as a malicious site, which leads to a drop in traffic

Falling sales

Loss of customer confidence

Possible requirements

Lost time

Impact on users infected with malware:

Financial losses

Loss of privacy

Potential identity theft

Lost time

No matter how big or small your business is, if you are affected by any of the above, you will soon have a serious crisis management situation!