When expanding WordPress with third party plugins to get the features that you want and need, there are security risks that can arise, and here is one recently. A new WordPress backdoor has been discovered that can create a rogue admin account to hijack websites. The backdoor was disguised as a caching plugin called WP Fastest Cache. This plugin has been fixed and is no longer vulnerable to the backdoor. Most likely, admins who found their WordPress websites load too slow, opted to install the plugin to try to make their websites load faster.
However, any WordPress website that is running an outdated version of the WP Fastest Cache plugin is still vulnerable to the backdoor. Additionally, any WordPress website that is running a different caching plugin or no caching plugin at all may still be vulnerable to the backdoor if it is exploiting a vulnerability in the WordPress REST API.
Once the rogue admin account is created, the attacker can use it to gain full control over the website. They can change the website’s content, install malware, and even steal sensitive data from the website’s visitors.
How to protect your WordPress website from this backdoor
To protect your WordPress website from this backdoor, you should:
- Update your WordPress installation to the latest version.
- Update your WordPress plugins and themes to the latest versions.
- Use a WordPress security plugin, such as Wordfence or Sucuri.
- Keep your WordPress website backed up.
You should also scan your WordPress website regularly for vulnerabilities and malware. You can do this using a WordPress security plugin or by hiring a WordPress security expert.
What to do if you think your WordPress website has been infected
If you think that your WordPress website has been infected with this backdoor, you should:
- Change your WordPress admin password and database password immediately.
- Scan your WordPress website with a WordPress security plugin, such as Wordfence or Sucuri.
- Remove any infected files from your WordPress website.
- Restore your WordPress website from a backup.
If you are not comfortable doing these things yourself, you should contact a WordPress security expert for assistance.
Additional tips
- Use strong passwords for your WordPress admin account and database.
- Enable two-factor authentication (2FA) for your WordPress admin account.
- Limit the number of users who have access to your WordPress admin account.
- Only install plugins and themes from trusted sources.
- Keep your WordPress plugins and themes up to date.
- Regularly back up your WordPress website.
By following these tips, you can help to protect your WordPress website from this backdoor and other security threats.
Related: Transitioning from a Hacked WordPress Site to UltimateWB: A Seamless Rebuild