merge conflict solved - wp-vcd added

pull/134/head
Alexandre Dulaunoy 2017-12-10 10:19:17 +01:00
parent 5f34b618f8
commit 2578daabf6
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 10 additions and 0 deletions

View File

@ -3095,6 +3095,16 @@
"https://www.welivesecurity.com/2017/12/08/strongpity-like-spyware-replaces-finfisher/"
]
}
},
{
"value": "wp-vcd",
"description": "WordPress site owners should be on the lookout for a malware strain tracked as wp-vcd that hides in legitimate WordPress files and that is used to add a secret admin user and grant attackers control over infected sites.\nThe malware was first spotted online over the summer by Italian security researcher Manuel D'Orso.\nThe initial version of this threat was loaded via an include call for the wp-vcd.php file —hence the malware's name— and injected malicious code into WordPress core files such as functions.php and class.wp.php. This was not a massive campaign, but attacks continued throughout the recent months.",
"meta": {
"refs": [
"https://www.bleepingcomputer.com/news/security/wp-vcd-wordpress-malware-campaign-is-back/",
"https://www.bleepingcomputer.com/news/security/wp-vcd-wordpress-malware-spreads-via-nulled-wordpress-themes/"
]
}
}
]
}