Backdoor in 93 AccessPress plugins and themes used on 360 thousand sites

Attackers managed to insert a backdoor into 40 plugins and 53 themes for the WordPress content management system developed by AccessPress, which states that its add-ons are used on more than 360 thousand sites. The results of the incident analysis have not yet been published, but the malicious code is believed to have been introduced during a compromise of the AccessPress website, by modifying the download archives of releases that had already been published. This is inferred from the fact that the backdoor is present only in code distributed through the official AccessPress website and is absent from the same releases of the add-ons distributed through the WordPress.org directory.

The malicious changes were discovered by a researcher at Jetpack (a division of the WordPress developer Automattic) while examining malicious code found on a customer's website. Analysis showed that the malicious changes were present in a WordPress add-on downloaded from the official AccessPress website. Other add-ons from the same vendor had also been subjected to malicious modifications that gave full access to the site with administrator rights.

During the modification, the attackers added a file named "initial.php" to the plugin and theme archives, which was pulled in through an "include" directive in the "functions.php" file. To cover their tracks, the malicious content inside "initial.php" was camouflaged as base64-encoded data. The malicious insert, under the guise of fetching an image from the wp-theme-connect.com website, loaded the backdoor code directly into the wp-includes/vars.php file.
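A defender-side check for the indicators described above, as an added example that is not code from the article, Jetpack or AccessPress. The function names, the 120-character blob threshold and the sample tree are assumptions made for illustration; the file names and the domain come from the text.

```python
import base64
import re
import tempfile
from pathlib import Path

# Indicators named in the article; the 120-char blob threshold is an assumption.
DROPPER = "initial.php"
DOMAIN = b"wp-theme-connect.com"
INCLUDE_RE = re.compile(rb"(?:include|require)(?:_once)?\b[^;]*initial\.php", re.I)
B64_RE = re.compile(rb"[A-Za-z0-9+/=]{120,}")
EXT_DIRS = ("wp-content/themes/", "wp-content/plugins/")

def scan_wordpress(root):
    """Return sorted (relative_path, reason) findings under a WordPress root."""
    root, hits = Path(root), set()
    for path in root.rglob("*.php"):
        rel, data = path.relative_to(root).as_posix(), path.read_bytes()
        in_ext = rel.startswith(EXT_DIRS)
        if in_ext and path.name == DROPPER:
            hits.add((rel, "dropper-file"))
        if in_ext and path.name == "functions.php" and INCLUDE_RE.search(data):
            hits.add((rel, "includes-initial.php"))
        if DOMAIN in data:
            hits.add((rel, "domain-literal"))
        for blob in B64_RE.findall(data):
            try:
                decoded = base64.b64decode(blob, validate=True)
            except ValueError:  # not valid base64, ignore
                continue
            if DOMAIN in decoded or b"vars.php" in decoded:
                hits.add((rel, "base64-hides-indicator"))
    return sorted(hits)

def build_sample_tree(root):
    """Constructed test tree: one tampered theme, one clean theme (no real payload)."""
    marker = b"constructed sample, not the real payload: wp-theme-connect.com wp-includes/vars.php " * 2
    blob = base64.b64encode(marker)
    bad = Path(root, "wp-content/themes/sample-theme")
    good = Path(root, "wp-content/themes/clean-theme")
    bad.mkdir(parents=True)
    good.mkdir(parents=True)
    (bad / "functions.php").write_bytes(b"<?php include 'initial.php';\n")
    (bad / "initial.php").write_bytes(b"<?php $p = base64_decode('" + blob + b"');\n")
    (good / "functions.php").write_bytes(b"<?php add_action('init', 'setup');\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in scan_wordpress(tmp):
            print(f"{reason:24} {rel}")
```

A hit is a reason to inspect the file, not proof of compromise. Because the backdoor code ends up in wp-includes/vars.php, core files should also be compared against known-good copies, for example with WP-CLI's `wp core verify-checksums`.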

The first sites containing the malicious changes to AccessPress add-ons were identified in September 2021. It is assumed that this is when the backdoor was inserted into the add-ons. The first notification sent to AccessPress about the identified problem went unanswered, and AccessPress's attention was obtained only after the WordPress.org team was brought into the investigation. On October 15, 2021, the archives affected by the backdoor were removed from the AccessPress website, and new versions of the add-ons were released on January 17, 2022.

Sucuri separately examined sites on which the affected versions of AccessPress add-ons were installed and identified malicious modules, loaded through the backdoor, that sent spam and redirected visitors to fraudulent sites (the modules are dated 2019 and 2020). It is assumed that the authors of the backdoor were selling access to the compromised sites.

Themes in which the backdoor substitution was found:

  • ore wiwọle 1.0.0
  • accesspress-ipilẹ 3.2.1
  • wiwọlepress-lite 2.92
  • wiwọlepress-mag 2.6.5
  • accesspress-parallax 4.5
  • wiwọlepress-ray 1.19.5
  • accesspress-root 2.5
  • accesspress-staple 1.9.1
  • accesspress-itaja 2.4.9
  • ibẹwẹ-lite 1.1.6
  • ohun elo 1.0.6
  • bingle 1.0.4
  • Blogger 1.2.6
  • ikole-lite 1.2.5
  • doko 1.0.27
  • tan imọlẹ 1.3.5
  • ile itaja 1.2.1
  • aworan 2.4.0
  • gaga-corp 1.0.8
  • gaga-lite 1.4.2
  • ọkan-aaye 2.2.8
  • parallax-bulọọgi 3.1.1574941215
  • parallaxsome 1.3.6
  • punte 1.1.2
  • yiyi 1.3.1
  • ripple 1.2.0
  • yiyi 2.1.0
  • sportsmag 1.2.1
  • storeville 1.4.1
  • swing-lite 1.1.9
  • olupilẹṣẹ 1.3.2
  • awọn-Aje 1.4.1
  • uncode-lite 1.3.1
  • unicon-lite 1.2.6
  • vmag 1.2.7
  • vmagazine-lite 1.3.5
  • vmagazine-iroyin 1.0.5
  • zigcy-omo 1.0.6
  • zigcy-Kosimetik 1.0.5
  • zigcy-lite 2.0.9

Plugins in which the backdoor substitution was found:

  • accesspress-ailorukọ-post 2.8.0 2.8.1 1
  • accesspress-aṣa-css 2.0.1 2.0.2
  • accesspress-aṣa-post-iru 1.0.8 1.0.9
  • accesspress-facebook-auto-post 2.1.3 2.1.4
  • accesspress-instagram-kikọ sii 4.0.3 4.0.4
  • wiwọlepress-pinterest 3.3.3 3.3.4
  • wiwọlepress-awujo-counter 1.9.1 1.9.2
  • accesspress-awujo-awọn aami 1.8.2 1.8.3
  • accesspress-awujo-login-lite 3.4.7 3.4.8
  • wiwọlepress-awujo-ipin 4.5.5 4.5.6
  • accesspress-twitter-auto-post 1.4.5 1.4.6
  • wiwọlepress-twitter-kikọ sii 1.6.7 1.6.8
  • ak-akojọ-awọn aami-lite 1.0.9
  • ap-alabaṣepọ 1.0.7 2
  • ap-olubasọrọ-fọọmu 1.0.6 1.0.7
  • ap-aṣa-ijẹri 1.4.6 1.4.7
  • ap-mega-akojọ 3.0.5 3.0.6
  • ap-ifowoleri-tabili-lite 1.1.2 1.1.3
  • apex-iwifunni-bar-lite 2.0.4 2.0.5
  • cf7-itaja-to-db-lite 1.0.9 1.1.0
  • comments-pa-wiwọle 1.0.7 1.0.8
  • rorun-ẹgbẹ-taabu-cta 1.0.7 1.0.8
  • everest-admin-theme-lite 1.0.7 1.0.8
  • Everest-bọ-laipe-lite 1.1.0 1.1.1
  • Everest-ọrọ asọye-Lite 2.0.4 2.0.5
  • Everest-counter-lite 2.0.7 2.0.8
  • Everest-faq-oluṣakoso-lite 1.0.8 1.0.9
  • Everest-gallery-lite 1.0.8 1.0.9
  • Everest-google-places-atunyẹwo-lite 1.0.9 2.0.0
  • Everest-awotẹlẹ-lite 1.0.7
  • Everest-taabu-lite 2.0.3 2.0.4
  • Everest-Ago-lite 1.1.1 1.1.2
  • inline-ipe-si-igbese-Akole-lite 1.1.0 1.1.1
  • ọja-slider-fun-woocommerce-lite 1.1.5 1.1.6
  • smart-logo-showcase-lite 1.1.7 1.1.8
  • smart-yi lọ-posts 2.0.8 2.0.9
  • smart-yi lọ-si-oke-lite 1.0.3 1.0.4
  • lapapọ-gdpr-ibamu-lite 1.0.4
  • lapapọ-egbe-lite 1.1.1 1.1.2
  • Gbẹhin-onkowe-apoti-lite 1.1.2 1.1.3
  • Gbẹhin-fọọmu-Akole-lite 1.5.0 1.5.1
  • Woo-baaji-apẹrẹ-lite 1.1.0 1.1.1
  • wp-1-slider 1.2.9 1.3.0
  • wp-blog-faili-lite 1.1.0 1.1.2
  • wp-ọrọ-apẹrẹ-lite 2.0.3 2.0.4
  • wp-kukisi-olumulo-alaye 1.0.7 1.0.8
  • wp-facebook-awotẹlẹ-ifihan-lite 1.0.9
  • wp-fb-ojiṣẹ-bọtini-lite 2.0.7
  • wp-lilefoofo-akojọ 1.4.4 1.4.5
  • wp-media-faili-lite 1.1.2 1.1.3
  • wp-popup-asia 1.2.3 1.2.4
  • wp-popup-lite 1.0.8
  • wp-ọja-gallery-lite 1.1.1

Source: opennet.ru