The above topic may sound cacophonous to the web admin that are largely depending on the WordPress for building their sites. This is not for the first time that webmasters have to come across the issues related to the security of the WordPress CMS. This has not only become all time preferred CMS just because of the numbers but it has also provided the relevant solutions to the user’s issues.
The diligent efforts in maintaining the security and the integrity of the CMS is undoubted and has made it stand ahead of the others. Irrespective of this the mischievous activities of the hacker’s community is never ending. The latest news as about the fake WordPress API that is quite similar in name with the original one has been launched to steal the information of the websites.
Nowadays the latest trap developed by the attackers is not all about hacking the site but they are focusing on stealing the information from the site. This is done by floating the fake WordPress site that is built to befool the webmasters and admin to give it control to browse the sessions and stealing the information.
This site related news was first revealed by the consulting firm Security in its report. This site is launched in the name of the WordPrssAPI that is quite enough to befool the users for using this fake API as it is of the WordPress CMS. Thus the mere typo sort of error made by the users in choosing the WordPrssAPI can lead you in troubles. This entire episode was about stealing information from the active cookies of the site.
This was based on the idea of using impersonate usage of the site by befooling the admin and the webmasters. Further, in the report, the Consulting firm clarified that there were no potential damages made to the sites running on the WordPress CMS. It also states that the fake site intending to steal the cookies is now offline. But this has created a new havoc for the WordPress Users that now shall keep a watch on such sites with malicious intentions.
The Original WordPress sites are having a pattern of login session expiry that safeguards the users from various issues as every time they have to log in using the password. This fraudulent API was stealing the information and sending it to the fake site so the login session expiry constraint was released.
How this Typo-squatting works?
Further adding to it the hackers have developed the site in such a manner that all the information that was sent to the fake domains was kept hidden from the search engine crawlers. Thus it is inevitable for the webmasters to take care in using the legitimate sites only for any sort of code audit and other such processes.
The increasing number of the CMS based sites and has given the attackers the opportunity to focus on these sites as they are a simple target. The modular components make it easy to inject the malicious codes in the CMS based sites. These attacks are more prone to affect the sites running on the CMS like WordPress, Joomla and Magento, therefore, the webmasters need to be more focused and attentive for the same.