Your new post is loading...
A new report from researchers at Sucuri reveals that websites are once again being found infected by cryptomining code – stealing the resources of visiting computers to mine for the Monero cryptocurrency.
Many web surfers almost certainly don’t realise that the reason that their laptop’s fan is running at full blast is because the website they are viewing is tied up with the complex number-crunching necessary to earn the digital currency.
But, in a twist, this particular attack isn’t just interested in mining Monero. While the website’s front-end is digging for cryptocurrencies, the back-end is secretly hosting a keylogger designed to steal unsuspecting users’ login credentials.
With the keylogger in place, any information entered on any of the affected websites’ web forms will be surreptitiously sent to the hackers.
And yes, that includes the site’s login form.
We’ve said it before, and we’ll no doubt say it again. And again.
If your website is powered by the self-hosted edition of WordPress, it’s essential that you keep both it, and any third-party plugins, updated.
Self-hosting your WordPress site is attractive in many ways, but you have to acknowledge that security is now your responsibility (or find yourself a managed wordpress host who is prepared to take it on for you). New vulnerabilities are found in the software and its many thousands of third-party plugins all the time.
In short, if you don’t know what you’re doing, there’s a chance that your WordPress-running website has security holes which a malicious hacker could exploit. Such security weaknesses could potentially damage your brand, scam your website visitors, and help online criminals to make their fortune.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=WordPress
A new report from researchers at Sucuri reveals that websites are once again being found infected by cryptomining code – stealing the resources of visiting computers to mine for the Monero cryptocurrency.
Many web surfers almost certainly don’t realise that the reason that their laptop’s fan is running at full blast is because the website they are viewing is tied up with the complex number-crunching necessary to earn the digital currency.
But, in a twist, this particular attack isn’t just interested in mining Monero. While the website’s front-end is digging for cryptocurrencies, the back-end is secretly hosting a keylogger designed to steal unsuspecting users’ login credentials.
With the keylogger in place, any information entered on any of the affected websites’ web forms will be surreptitiously sent to the hackers.
And yes, that includes the site’s login form.
We’ve said it before, and we’ll no doubt say it again. And again.
If your website is powered by the self-hosted edition of WordPress, it’s essential that you keep both it, and any third-party plugins, updated.
Self-hosting your WordPress site is attractive in many ways, but you have to acknowledge that security is now your responsibility (or find yourself a managed wordpress host who is prepared to take it on for you). New vulnerabilities are found in the software and its many thousands of third-party plugins all the time.
In short, if you don’t know what you’re doing, there’s a chance that your WordPress-running website has security holes which a malicious hacker could exploit. Such security weaknesses could potentially damage your brand, scam your website visitors, and help online criminals to make their fortune.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=WordPress