At SWCP, we love our WordPress. This site is run on WordPress, we support the platform and strive to make it as easy and safe to use as possible, and we even host meetings at Ideas and Coffee to discuss how to use it most effectively.

After all, WordPress is now used by up to a quarter of all sites on the Web, and there are thousands of themes and plug-ins to make it look and behave pretty much any way you want. But all that success brings with it a downside, which is that now the bad guys have begun to target it.

The latest attack is both frightening and dangerous. Somehow – the means is still unknown – hackers have been able to inject code that sends visitors to a fake ad site. These sites are loaded with evil ransomware that can take over the user’s machine. More information can be found here.

Before freaking out, note that:

  1. The redirect only attacks first-time visitors. Regular visitors and the site administrators will therefore be unaware of this and unaffected by it.
  2. Apparently, only users with out-of-date versions of Adobe Flash Player (yet again), Adobe Reader, Microsoft Silverlight and Internet Explorer are vulnerable.

For some reason, the flaw is not detectable by most anti-virus programs yet.

So users need to be alert. If you visit a site and are redirected to another, do not click on anything. Instead close your browser immediately. Then scan your machine for any malware – it may not detect it, but it can’t hurt. And in any case, keep your programs updated and your data backed up.

WordPress site owners should also be alert. Keep your site updated – automatically is best. The vulnerability that this exploit uses, however, is probably not in the platform, which is very stable. Nor is it likely in the themes used, but rather the plug-ins, which are very powerful but are often not as secure as they could be. Those need to be kept up-to-date, too.

There are other ways that site owners can make their WordPress installations more secure. Please note, however, that many of these involve actually modifying the code running the platform. Unless you know PHP and understand how WordPress functions, do not attempt those steps.

Backing up your WordPress site is also a very good idea. If your site is hosted at SWCP, it is automatically backed up daily.  If it is hosted elsewhere, you may need to install a backup plugin to be sure that you can recover if there is a problem.  And if you see anything suspicious, please report it to SWCP Tech Support ASAP.

Check back here for updates on this situation. And be assured that Southwest Cyberport will stay on top of this and do everything we can on our end to keep your sites and Internet experience safe. We’re all in this together.