Wordpress Engine | 2 Million CyberAttack

1.6 Million WordPress Sites Under Cyberattack From Over 16,000 IP Addresses

Wordpress Engine | 2 Million CyberAttack

1.6 Million WordPress Sites Under Cyberattack From Over 16,000 IP Addresses

As many as 1.6 million WordPress sites have been targeted by an active large-scale attack campaign originating from 16,000 IP addresses by exploiting weaknesses in four plugins and 15 Epsilon Framework themes.

WordPress security company Wordfence, which disclosed details of the attacks, said Thursday it had detected and blocked more than 13.7 million attacks aimed at the plugins and themes in a period of 36 hours with the goal of taking over the websites and carrying out malicious actions.

The plugins in question are Kiwi Social Share (<= 2.0.10), WordPress Automatic (<= 3.53.2), Pinterest Automatic (<= 4.14.3), and PublishPress Capabilities (<= 2.3), some of which have been patched dating all the way back to November 2018. The impacted Epsilon Framework themes and their corresponding versions are as follow —

    Activello (<=1.4.1)
    Affluent (<1.1.0)
    Allegiant (<=1.2.5)
    Antreas (<=1.0.6)
    Bonkers (<=1.0.5)
    Brilliance (<=1.2.9)
    Illdy (<=2.1.6)
    MedZone Lite (<=1.2.5)
    NatureMag Lite (no known patch available)
    NewsMag (<=2.4.1)
    Newspaper X (<=1.3.1)
    Pixova Lite (<=2.0.6)
    Regina Lite (<=2.0.5)
    Shapely (<=1.2.8)
    Transcend (<=1.1.9)