Hackers Selling WordPress 0-day Exploits on Hacker Forums
A new post on a hacker forum has advertised the sale of a WordPress 0-day exploit.
The seller claims that the exploit, packaged as a PHP script, can be used with a WordPress plugin to upload a shell to approximately 110,000 affected websites and retrieve a list of their URLs.
Exploit Details and Impact
The exploit, referred to as an “Autoshell,” can be used with any PHP file and is offered at a starting price of 10k, which the seller suggests is a bargain considering the going rate for similar exploits.
The PHP script is said to be capable of uploading a file to many websites, indicating a potentially widespread vulnerability that could affect a significant portion of the WordPress ecosystem.
The sale of such exploits poses a severe risk to website owners and users, as it can lead to unauthorized access, data breaches, and other malicious activities.
ThreatMon, a cyber threat intelligence platform, recently tweeted that a threat actor on a forum has put a WordPress 0-day up for sale.
The actor claims to have Autoshell (c99 or any PHP file) with the WordPress plugin.
WordPress site administrators are urged to stay vigilant, keep their software current, and monitor their sites for unusual activity. Security plugins and firewalls are also recommended to mitigate the risk of such exploits.
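As an added example (not from the original article or the forum post), the Python script below shows one way to monitor a site for an uploaded PHP file of the kind described above. It assumes the file lands under wp-content/uploads, which the article does not state; the function names, the extension list and the sample tree are hypothetical and constructed for illustration.

```python
import os
import tempfile

# Extensions commonly mapped to the PHP handler (assumption; check your server config).
PHP_EXTS = {".php", ".phtml", ".php5", ".php7", ".phar", ".pht"}

def find_suspect_uploads(wp_root, newer_than=0.0):
    """Return sorted (relative_path, reason) for files under wp-content/uploads
    that could run as PHP: by extension, or by a '<?php' tag in the content."""
    uploads = os.path.join(wp_root, "wp-content", "uploads")  # assumed location
    hits = []
    for dirpath, _dirs, files in os.walk(uploads):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.getmtime(path) < newer_than:
                continue  # only report files changed since the last baseline
            rel = os.path.relpath(path, wp_root)
            # Check every dotted segment so "logo.php.jpg" is also reported.
            parts = {"." + p.lower() for p in name.split(".")[1:]}
            if parts & PHP_EXTS:
                hits.append((rel, "php-extension"))
                continue
            with open(path, "rb") as fh:
                head = fh.read(4096)
            if b"<?php" in head.lower():
                hits.append((rel, "php-tag-in-content"))
    return sorted(hits)

def build_sample_tree():
    """Constructed sample site: two benign files and three that should be flagged."""
    root = tempfile.mkdtemp(prefix="wp-sample-")
    up = os.path.join(root, "wp-content", "uploads", "2024", "03")
    os.makedirs(up)
    samples = {
        "photo.jpg": b"\xff\xd8\xff\xe0 constructed jpeg bytes",
        "notes.txt": b"plain text",
        "helper.php": b"<?php /* constructed placeholder */ ?>",
        "logo.php.jpg": b"\xff\xd8\xff\xe0",
        "banner.gif": b"GIF89a<?php /* constructed placeholder */ ?>",
    }
    for name, data in samples.items():
        with open(os.path.join(up, name), "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    for rel, reason in find_suspect_uploads(build_sample_tree()):
        print(f"{reason:20} {rel}")
```

Run it against a real site by passing the WordPress root directory and, for `newer_than`, the epoch time of the last known-good check.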
Response from the Cybersecurity Community
The cybersecurity community is actively monitoring the situation and trying to identify and patch any vulnerabilities this exploit may be targeting.
Website owners are encouraged to follow security best practices and subscribe to security bulletins for the latest information on threats and vulnerabilities.
The seller has specified that they will only accept cryptocurrency as payment and will not go first under any circumstances, highlighting the illicit nature of the transaction.
This development underscores the ongoing challenges faced by cybersecurity professionals in combating the sale and use of exploits on the dark web and hacker forums.
Source: https://bit.ly/3uS5LZ2