Wordpress malware - What is it and how to protect your website.
-
Upload
owen-cutajar -
Category
Technology
-
view
79 -
download
1
Transcript of Wordpress malware - What is it and how to protect your website.
![Page 1: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/1.jpg)
WordPress MalwareOwen Cutajar (@OwenC)
![Page 2: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/2.jpg)
Your lovely WordPress site …
![Page 3: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/3.jpg)
looking not-so-lovely …
![Page 4: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/4.jpg)
According to the FBI
“There are only two types of companies: those that have been hacked, and those that will be.”
Robert Mueller, FBI Director, 2012
![Page 5: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/5.jpg)
Why?
Profit or Propaganda
Wordpress is an attractive target
Outdated version of WordPress
Large surface of attack across plugins/themes
![Page 6: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/6.jpg)
Classes of attacks
Targeted attacks
Password cracking (brute force / dictionary attacks)
DDOS
Malware
![Page 7: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/7.jpg)
Some terminology
Virus
Worm
Trojan Horse
Botnet
Malnet
![Page 8: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/8.jpg)
Types of attacks
Defacing
Spam
Drive-by Downloads
Backdoors
Malicious redirects and embeds
![Page 9: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/9.jpg)
Defacing
![Page 10: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/10.jpg)
Spam
![Page 11: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/11.jpg)
Drive-By Downloads
![Page 12: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/12.jpg)
Backdoors
![Page 13: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/13.jpg)
Malicious Redirects and Embeds
![Page 14: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/14.jpg)
How?
Exploits and vulnerabilities
Outdated software
Insecure credentials
Compromised host
![Page 15: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/15.jpg)
Infection Demo
Local Samples
Tools:
Base64Decoder: https://www.base64decode.org/
Execute PHP: https://eval.in/
![Page 16: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/16.jpg)
Cleaning an infected site
Manually
Wordfence demo
![Page 17: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/17.jpg)
Protecting your siteAutomatic updates
Security plugins
External scanning
User education
Two factor authentication
Off-site Backups
SSL on login page
![Page 18: Wordpress malware - What is it and how to protect your website.](https://reader031.fdocuments.us/reader031/viewer/2022030308/58f34dc91a28ab5c378b4583/html5/thumbnails/18.jpg)
References
Wordpress Vulnerability Database: http://wpvulndb.com
Wordfence: https://wordpress.org/plugins/wordfence/
Securi: https://sucuri.net/wordpress-security/
Cloudflare: https://www.cloudflare.com/
Me: @OwenC on Twitter, owencutajar on Skype