Hi everyone, this is a public service announcement to spread awareness of a series of new exploits being used to hack WordPress sites.
The hack in question uses a few vulnerabilities in WordPress plugins to plant code in the back end of your site, resulting in redirects to unknown locations. It also creates a back door entry point by generating a rogue admin account.
As far as we know, this issue is still ongoing. Last week we posted about updating your site and plugins to prevent intrusions exactly like this. If you haven’t already, read the linked article. It provides more information about the hack and what you can do to prevent it.
There are a few specific plugins that are the root cause, and you should check your site for them. If you have any of these plugins installed, you should remove them NOW.
Below are the affected plugins:
- Bold Page Builder
- Blog Designer
- Live Chat with Facebook Messenger
- Yuzo Related Posts
- Visual CSS Style Editor
- WP Live Chat Support
- Form Lightbox
- Hybrid Composer
- All former NicDark plugins (nd-booking, nd-travel, nd-learning, et al.)
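
One way to check a site for the plugins listed above is to read the `Plugin Name` header of every folder under `wp-content/plugins` and compare it with the list. The script below is an added example, not code from the linked article or from any plugin author. It assumes the header text contains the name as written in this post and that former NicDark plugins use the `nd-` folder prefix seen in the examples above, so treat an empty result as a first pass and still review the plugin list by hand.

```python
import re
import sys
from pathlib import Path

# Plugin names exactly as listed in this post.
LISTED_NAMES = [
    "Bold Page Builder", "Blog Designer", "Live Chat with Facebook Messenger",
    "Yuzo Related Posts", "Visual CSS Style Editor", "WP Live Chat Support",
    "Form Lightbox", "Hybrid Composer",
]
# Assumption: former NicDark plugins keep the "nd-" folder prefix, as in the
# post's examples nd-booking, nd-travel and nd-learning.
NICDARK_PREFIX = "nd-"
HEADER_RE = re.compile(r"^[ \t/*#@]*Plugin Name:\s*(.+)$", re.I | re.M)

def normalize(name):
    """Lowercase and drop spacing/punctuation so header variants still match."""
    return re.sub(r"[^a-z0-9]", "", name.lower())

def plugin_name(plugin_dir):
    """Return the 'Plugin Name' header found in the folder's top-level PHP files."""
    for php in sorted(plugin_dir.glob("*.php")):
        head = php.read_text(encoding="utf-8", errors="replace")[:8192]
        match = HEADER_RE.search(head)
        if match:
            return match.group(1).strip()
    return None

def find_listed_plugins(plugins_root):
    """Return (folder, reason) pairs for installed plugins that match the list."""
    wanted = {normalize(n): n for n in LISTED_NAMES}
    hits = []
    for entry in sorted(Path(plugins_root).iterdir()):
        if not entry.is_dir():
            continue
        if entry.name.lower().startswith(NICDARK_PREFIX):
            hits.append((entry.name, "NicDark-style folder name"))
            continue
        header = normalize(plugin_name(entry) or "")
        listed = next((n for key, n in wanted.items() if key in header), None)
        if listed:
            hits.append((entry.name, listed))
    return hits

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "wp-content/plugins"
    if not Path(root).is_dir():
        sys.exit(f"not a directory: {root}")
    for folder, reason in find_listed_plugins(root):
        print(f"REMOVE: {folder} ({reason})")
```

Run it from the WordPress root, or pass the path to the plugins directory as the first argument. Deactivated plugins are reported too, since their files are still on disk.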
If you’re concerned that your site could have any of these installed, contact our support team and we’ll be able to help.
You can reach us by phone on 1300 761 930 or by email at firstname.lastname@example.org.