Earlier this week the American law enforcement agency FBI issued a public warning that Islamic State hackers may use WordPress plugin vulnerabilities to compromise wordpress websites.
You, you heard correct. The FBI issued a warning to WordPress users to patch vulnerable plugins for their websites based on popular Content Management System WordPress before ISIS exploits them.
According to the FBI, “ISIS-branded attacks” have targeted religious institutions, news organizations, commercial entities, federal, state, and foreign governments, local government institutions, and assorted other domestic and international websites.
Last Wednesday, the ISIS “Islamic State Hacking Division” took down the French-language TV station TV5Monde’s website and Facebook page, halting operations.
“These ISIS hackers are supporters of ISIS (also known as ISIL), not actual members of the terrorist organization are using relatively unsophisticated methods to exploit technical flaws.
Methods they are using for the defacements indicate that individual Web sites are not being directly targeted by name or business type.
They people are mostly unskilled people and are not doing much hard work, Just leveraging known WordPress plugin vulnerabilities in commonly available hacking tools.
These flaws have already been fixed by WordPress developers, but individual Website owners may failed to install the patches.
How to protect your Website from getting Hacked ?
The patches for these identified WordPress vulnerabilities are available. To avoid an attack on your WordPress website just update your WordPress installation and its plugins now.
Most of these vulnerabilities allow cyber criminals to gain unauthorized access, upload scripts, bypass security restrictions, and steal cookies from servers. This lets a malicious hacker install malware, tamper with data or creates new accounts with full user privileges for hacked websites.