At WP Chase we encourage our readers to always install plugins and themes on their WordPress sites from legitimate sources. That means you can either purchase or use free themes or plugins from the main WordPress site, or purchase from known developers. Today we talk about WP-VCD.
Some site owners take a shortcut and download pirated themes or plugins. Doing so turns your website into a Trojan horse for hacking and malware, and your visitors become victims without your knowledge.
WordPress security provider Wordfence has today released a new finding about one of the most prevalent malware infections facing the WordPress ecosystem in recent weeks, a campaign known as WP-VCD. Despite the relatively long existence of the campaign, the Wordfence threat intelligence team has associated WP-VCD with a higher rate of new infections than any other WordPress malware every week since August 2019, and the campaign shows no signs of slowing down.
Infection In Brief
The WP-VCD infection itself is spread via “nulled”, or pirated, plugins and themes distributed by a network of related sites, and it’s remarkable in the way it propagates once deployed. Behind the scenes, extensive command and control (C2) infrastructure and self-healing infections allow attackers to maintain a persistent foothold on these infected sites.
Wordfence has also published a comprehensive whitepaper analyzing WP-VCD, which contains the full details of their research efforts into this prevalent campaign. It is intended as a resource for threat analysts, security researchers, WordPress developers and administrators, and anyone else interested in tracking or preventing the behavior associated with WP-VCD.
The full scope of their investigation into WP-VCD far exceeds that of a typical research blog post, so please read the complete whitepaper: WP-VCD: The Malware You Installed On Your Own Site.
Credits: WP-VCD whitepaper by Mikey Veenstra. Editing by Sean Murphy and Ramuel Gall.