Malware masquerading as an SEO plugin named WP-Base-SEO has infected around 4,000 WordPress sites in the past 2 weeks, according to internet security experts. The hackers behind this latest WordPress malware intend it to hide in plain sight, appearing to be a legitimate SEO plugin while creating a backdoor to the targeted website.
"The hackers have stolen the code from an existing, legitimate SEO plugin and tweaked it to appear genuine. That way, should a site owner look for suspicious activity, they might easily overlook it as a valid SEO plugin," said Weston Henry, a leading security analyst at security firm SiteLock, which found the bogus plugin this week. The fake WP-Base-SEO plugin is a forgery of a legitimate search engine optimisation plugin called WordPress SEO Tools.
A closer examination of the fake WP-Base-SEO malware reveals its malicious intent in the form of a base64-encoded PHP eval request, according to a technical blog that examines the plugin. "Eval is a PHP function that executes arbitrary PHP code. It is commonly used for malicious purposes and php.net recommends against using it," SiteLock said.
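The indicator described above (PHP `eval` applied to base64-decoded data) can be searched for across a site's plugin directory. The following is an added example, not SiteLock's code: the directory slug `wp-base-seo` is an assumption derived from the plugin name, and the sample files are constructed and inert.

```python
import base64
import re
import tempfile
from pathlib import Path

# eval( [optional wrapper calls] base64_decode( [optional quoted literal]
EVAL_B64 = re.compile(r"\beval\s*\(\s*(?:@?\w+\s*\(\s*)*?base64_decode\s*\(\s*"
                      r"(?:(['\"])([A-Za-z0-9+/=]+)\1)?", re.IGNORECASE)
SUSPECT_SLUG = "wp-base-seo"  # assumption: slug derived from the plugin name


def scan_plugins(plugins_dir):
    """Return one finding per eval(base64_decode(...)) call in any PHP file."""
    findings = []
    for php in sorted(Path(plugins_dir).rglob("*.php")):
        text = php.read_text(errors="replace")
        rel = php.relative_to(plugins_dir)
        for m in EVAL_B64.finditer(text):
            decoded = None  # stays None when the argument is not a literal
            if m.group(2):  # literal payload: decode for review, never execute
                try:
                    decoded = base64.b64decode(m.group(2)).decode("utf-8", "replace")
                except ValueError:
                    decoded = "<invalid base64>"
            findings.append({
                "file": rel.as_posix(),
                "line": text.count("\n", 0, m.start()) + 1,
                "name_match": SUSPECT_SLUG in rel.parts[0].lower(),
                "decoded": decoded,
            })
    return findings


def demo():
    """Build a constructed plugin tree with inert sample strings and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        payload = base64.b64encode(b"echo 'constructed sample';").decode()
        (root / "wp-base-seo").mkdir()
        (root / "wp-base-seo" / "main.php").write_text(
            "<?php\n/* Plugin Name: sample */\n@eval(base64_decode('%s'));\n" % payload)
        (root / "clean-plugin").mkdir()
        (root / "clean-plugin" / "clean.php").write_text(
            "<?php\n$img = base64_decode($data); // no eval here\n")
        return scan_plugins(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

A hit is a prompt for manual review rather than proof of compromise, and a copy of the malware that obfuscates the call differently will not match this pattern.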
Attacks like this are commonplace with WordPress installs, and they are the risk that you take should you go down the DIY website builder route. Users happily, and without much thought, install a range of plugins to enhance the features of their website, whilst at the same time slowing down the already slow system, but that's a matter for another article. What many users don't realise is that these plugins can be written by anyone, and you are putting your website at risk every time you install one.
People usually choose WordPress installers over bespoke developers because of the cost. Of course it's a lot cheaper to pay someone to install some software rather than code you a website, but if you want to make a more professional impression and get your online business noticed then a bespoke website should be the first step.