Monday 5 January 2015

ISC website Compromised: Possible Vulnerable WordPress Plugin

The Internet Systems Consortium (ISC) website – a WordPress site – was quickly taken down last week after researchers at Cyphort Labs notified the open source software provider that its main page had been modified and was ultimately redirecting visitors to the Angler Exploit Kit.

In a Monday email correspondence, Victoria Risk, director of marketing at ISC, said that ISC is not certain how its website was compromised, but the organisation suspects it was through a vulnerable plugin – possibly the Slider Revolution plugin, which was being exploited recently in what are referred to as the 'SoakSoak' attacks.

“We of course read up on WordPress vulnerabilities, and read about the [SoakSoak] problem that Sucuri had published,” Risk said. “We had already removed and deleted the supposed bad plug-in by the time this Angler Exploit infection was discovered, but it is possible that the earlier compromised plug-in had already installed a back-door by the time we removed it.”

ISC does not believe it was targeted specifically, according to Risk. She said that the organisation is now redirecting visitors to other static servers where people can access all ISC resources, and she explained that ISC is rebuilding the entire website from scratch.

Cited and more on this story at SCMagazine
