
New WordPress Malware Called wp-vcd Distributes via Pirated Themes


Denis Sinegubko, a security researcher at Sucuri, has discovered a new wave of the known malware wp-vcd that injects malicious WordPress admin users into vulnerable or hacked websites.

The researcher said that the wp-vcd malware comes preinstalled in pirated WordPress premium themes offered for free download on some websites. He noticed that the malicious code was loaded via an include and injected malicious code into WordPress core files such as functions.php and class.wp.php.

Sucuri said:

"it was injecting its code on “wp-includes/class.wp.php”, this is an outdated strategy to avoid being detected by the unaware user; since nobody wants to delete WordPress core files and risk the site integrity. However, as security tools get more and more popular, this strategy fails. It’s now pretty easy for any tool to find modifications on core files. And, since theme files are changed constantly, they found a better place to hide it"

The malware works by adding a hidden admin user to the website’s database, with the username “100010010”. The hackers will use this secret account to access the affected websites so they can perform several malicious activities at later times.

The code is also straightforward and doesn’t hide its malicious intentions by encoding or obfuscating functions in it.

Website administrators are recommended to install themes and plugins only from trusted locations.
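For administrators who want to check an existing install, the following added example (not code from Sucuri or from the original article) walks a WordPress directory and reports the two indicators named above: the file wp-includes/class.wp.php and the username 100010010. The function names and the sample tree are constructed for illustration, and plain substring matching is an assumption that can produce false positives.

```python
from pathlib import Path
import tempfile

# Indicators taken from the article text; nothing else is assumed about the malware.
ROGUE_CORE_FILE = "wp-includes/class.wp.php"
MARKERS = {
    b"class.wp.php": "references class.wp.php",
    b"100010010": "contains the hidden admin username",
}

def scan_wordpress(root):
    """Return sorted (relative_path, reason) findings under a WordPress root."""
    root = Path(root)
    findings = set()
    if (root / ROGUE_CORE_FILE).is_file():
        findings.add((ROGUE_CORE_FILE, "file named in the report exists"))
    for path in root.rglob("*.php"):
        if not path.is_file():
            continue
        try:
            data = path.read_bytes()
        except OSError:
            continue  # unreadable file: skip it rather than abort the scan
        rel = path.relative_to(root).as_posix()
        for marker, reason in MARKERS.items():
            if marker in data:
                findings.add((rel, reason))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample: harmless stand-in files, one clean theme, one flagged theme."""
    files = {
        "wp-includes/class.wp.php": b"<?php /* constructed stand-in; mentions 100010010 */\n",
        "wp-content/themes/pirated/functions.php":
            b"<?php include ABSPATH . 'wp-includes/class.wp.php'; /* constructed */\n",
        "wp-content/themes/clean/functions.php": b"<?php add_theme_support('post-thumbnails');\n",
    }
    for rel, body in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(body)

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return scan_wordpress(tmp)

if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

A clean result from this file scan does not cover the database, so the user list should still be checked separately for the account named above.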