The main functionality of the trojan is to hack WordPress sites using a set of hardcoded exploits that are run successively, until one of them works. Luckily, subscribers to Hacker Blocker are immune to these attacks. More on this later on.
We are urging all WordPress users to check for these plugins and update them immediately:
Hacker Blocker and Hacker Blocker Hosting Firewalls already contain most reported bot-net IPs and networks, so distributed attacks like these don't overwhelm our subscribers' websites. We may receive a few attacks out of thousands, and our detection & blocking systems take care of those in real-time on the subscriber's website locally. We then receive a report of any attack, and add it to all our subscribers' firewalls within minutes.
Besides detecting and blocking attacks on our subscribers, we also trace and block the Command and Control servers that direct these bot-nets and receive data from infected machines. In the past 6 years, we've blocked thousands of C2 servers, and continue to find new servers as they come online.
Some of our methods include using tools such as Shodan.com to search for specific tags and find Command & Control servers, as well as their bot-nets before they attack any of our subscribers. This proactive approach keeps attacks to a minimum, especially like the attack that is still ongoing on WordPress plugins.
Having Hacker Blocker doesn't mean you can relax when it comes to keeping your WordPress plugins up-to-date, however. Your webmaster should be keeping up with updates, if you don't have one, you can Google search how to update WordPress plugins and follow the instructions. Hacker Blocker Hosting offers full webmaster services with their hosting plans, find out more here.
For more information about Hacker Blocker, visit our product information page or contact our offices.