ISIS Hackers Using WordPress Vulnerabilities: FBI

According to a media release by Federal Bureau of Investigation Cyber criminals are hosting the fraudulent government websites to gain the financial and personal information from unaware web searchers. The hackers can take control of the affected system through the WordPress content management system plug-in Vulnerability.

According to the press release by the FBI ” Successful exploitation of the vulnerabilities could result in an
attacker gaining unauthorized access, bypassing security restrictions,
injecting scripts, and stealing cookies from computer systems or network
servers. An attacker could install malicious software; manipulate data;
or create new accounts with full user privileges for future Web site
exploitation.”

 FBI fears that the ISIS Hackers are taking advantage of these WordPress Vulnerabilities and targeting websites which use WordPress as the content management system. That may include News websites, Government sites, religious institutions and other domestic and International websites.

While on the other hand there is a theory that there is no relationship between these defacement’s and ISIS. Many infosec specialist believe that if you are using a content management system it doesn’t matter what type of content management system you are using WordPress or any other. Your content management system should be updated always. Updating and installing all plug-ins in your content management system is the only solution for this issue.

FBI also added in another media release with the previous one that hackers are hosting fake government services websites to get the fraudulent fees and also the personal information of the people. These activities are going on from May 2012 to March  2015. The amount of fraudulent fees are not very high, but the FBI is taking this matter seriously because those hackers acquired personally identifiable information.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...

Digital Forensics Investigation using Autopsy In Kali Linux

Autopsy is one of the digital forensics tools use to investigate what happened on a computer. It offers a GUI access to variety of...