Large-scale defacement of WordPress websites

Feb 22, 2017

Last week BBC News reported 1.5 million pages on WordPress blogs were hacked.

What Happened?

There was an Unauthenticated Privilege Escalation Vulnerability in a REST API Endpoint. The vulnerability is found in an add-on for the WordPress blogging software that was introduced in versions released at the end of 2016.

The patched version of WordPress was formally released on 26 January and led to many sites and blogs automatically applying the update.

Security firm WordFence said it had seen evidence that 20 hacker groups were trying to meddle with vulnerable sites. About 40,000 blogs are believed to have been hit.

Where websites hosted by Didgeroo affected?

Thanks to our pro-active approach to security, no websites hosted by Didgeroo were affected by this latest attack.

At Didgeroo we are WordPress experts that protect your site, from getting infected.

We provide a secure and safe hosting server for all our websites. At Didgeroo run regular security checks on all our websites and hosting platform, providing a safe and secure experience for all our customers. We protect your site and ensure there are no backdoors left for the hackers.