One of the most popular blogging platforms was laid open to malware infection, thanks to a serious vulnerability in its Fancybox plugin. WordPress is used by more than 23% of the top 10 million websites, and the plugin had 550,000 downloads before the security flaw was discovered by users working together to find the common denominator behind their infected sites.
Fancybox is a tool for displaying images, HTML content and multimedia in a “lightbox” that floats over the top of a web page. It has not been updated for two years and is not patched, so users have been advised to disable it immediately. WordPress has since removed Fancybox from its plugins directory.
Though the vulnerability itself is serious, there have yet to be reports of any major incidents, thanks to the Website Firewall doing its job. However, Sucuri – the security company analysing the plugin – has said that its logs show many exploit attempts being blocked, confirming that the danger remains very real.
Further information is being withheld until a patch becomes available. All that is currently known is that the malware injects a malicious iframe, identified by the string “203koko”, into the website via the plugin.
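As an added example that is not part of the original post or of Sucuri's tooling, the following Python scanner parses a page's HTML and flags any iframe whose source contains the “203koko” indicator quoted above, or which is hidden (zero-sized or styled invisible), a common trait of injected frames. The marker list, the hostnames and the sample page are constructed for illustration.

```python
# Added example: flag suspicious <iframe> elements in page HTML.
# Indicator taken from the post ("203koko"); sample HTML and hosts are constructed.
from html.parser import HTMLParser

SUSPICIOUS_MARKERS = ("203koko",)  # extend with further indicators as they are published

class IframeFinder(HTMLParser):
    """Collect every <iframe> start tag with its attributes and source line number."""
    def __init__(self):
        super().__init__()
        self.iframes = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "iframe":
            self.iframes.append({"line": self.getpos()[0], "attrs": dict(attrs)})

def _is_hidden(attrs):
    # Injected iframes are commonly given zero size or hidden via inline style.
    style = (attrs.get("style") or "").replace(" ", "").lower()
    return (
        attrs.get("width") in ("0", "1") or attrs.get("height") in ("0", "1")
        or "display:none" in style or "visibility:hidden" in style
    )

def scan_html(html, markers=SUSPICIOUS_MARKERS):
    """Return a list of (line, reason, src) for each suspicious iframe found."""
    parser = IframeFinder()
    parser.feed(html)
    findings = []
    for frame in parser.iframes:
        src = frame["attrs"].get("src") or ""
        hits = [m for m in markers if m in src.lower()]
        if hits:
            findings.append((frame["line"], "marker:" + ",".join(hits), src))
        elif _is_hidden(frame["attrs"]):
            findings.append((frame["line"], "hidden-iframe", src))
    return findings

# Constructed sample: one legitimate embed, one marker hit, one hidden frame.
SAMPLE_PAGE = """<html><body>
<p>Welcome to our site</p>
<iframe src="https://www.youtube.com/embed/abc" width="560" height="315"></iframe>
<iframe src="http://203koko.example/evil" width="0" height="0"></iframe>
<iframe src="http://unknown.example/x" style="display: none"></iframe>
</body></html>"""

if __name__ == "__main__":
    for line, reason, src in scan_html(SAMPLE_PAGE):
        print(f"line {line}: {reason} src={src}")
```

Run it against saved copies of your site's rendered pages (or against post and option content exported from the database) and review every hit by hand, since a hidden iframe is suspicious but not proof of compromise on its own.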
For WordPress users who rely on the Fancybox features but are not using the Website Firewall, Sucuri has advised seeking more stringent security solutions for their website.
ITC Secure Networking provides a range of products and services to help protect and maintain security, from a single machine to an entire network. Our expert team is on hand to offer help and advice. Contact us to find out more: 020 7517 3900 or email [email protected]