mirror of https://github.com/MISP/misp-galaxy
merge conflict solved - wp-vcd added
parent
5f34b618f8
commit
2578daabf6
|
@ -3095,6 +3095,16 @@
|
|||
"https://www.welivesecurity.com/2017/12/08/strongpity-like-spyware-replaces-finfisher/"
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"value": "wp-vcd",
|
||||
"description": "WordPress site owners should be on the lookout for a malware strain tracked as wp-vcd that hides in legitimate WordPress files and that is used to add a secret admin user and grant attackers control over infected sites.\nThe malware was first spotted online over the summer by Italian security researcher Manuel D'Orso.\nThe initial version of this threat was loaded via an include call for the wp-vcd.php file —hence the malware's name— and injected malicious code into WordPress core files such as functions.php and class.wp.php. This was not a massive campaign, but attacks continued throughout the recent months.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.bleepingcomputer.com/news/security/wp-vcd-wordpress-malware-campaign-is-back/",
|
||||
"https://www.bleepingcomputer.com/news/security/wp-vcd-wordpress-malware-spreads-via-nulled-wordpress-themes/"
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue