Abahlaseli bakwazile ukushumeka i-backdoor kuma-plugin angu-40 nezindikimba ezingu-53 zesistimu yokuphatha okuqukethwe kwe-WordPress, eyakhiwe yi-AccessPress, ethi izengezo zayo zisetshenziswa kumasayithi angaphezu kwezinkulungwane ze-360. Imiphumela yokuhlaziywa kwesigameko ayikanikezwa, kodwa kucatshangwa ukuthi ikhodi enonya yethulwa ngesikhathi sokuyekethisa kuwebhusayithi ye-AccessPress, okwenza izinguquko ezinqolobaneni ezinikezwa ukuze zilandwe ngokukhishwa osekukhishiwe, njengoba i-backdoor ikhona. kuphela kukhodi esatshalaliswa ngewebhusayithi esemthethweni ye-AccessPress, kodwa ayikho kulokho kukhishwa okufanayo kwezengezo ezisatshalaliswa ngohla lwemibhalo lwe-WordPress.org.
Izinguquko ezinonya zitholwe umcwaningi kwa-JetPack (isigaba sonjiniyela we-WordPress Automatic) ngenkathi ehlola ikhodi enonya etholakala kuwebhusayithi yeklayenti. Ukuhlaziywa kwesimo kubonise ukuthi izinguquko ezinonya bezikhona kusengezo se-WordPress esilandwe kuwebhusayithi esemthethweni ye-AccessPress. Ezinye izengezo ezivela kumkhiqizi ofanayo nazo bezingaphansi kwezinguquko ezinonya ezivumele ukufinyelela okugcwele kusayithi elinamalungelo omlawuli.
Ngesikhathi sokuguqulwa, abahlaseli bangeze ifayela elithi "initial.php" ezinqolobaneni ezinama-plugin nezindikimba, ezixhunywe ngomyalelo othi "faka" kufayela elithi "functions.php". Ukuze kudideke umkhondo, okuqukethwe okunonya kufayela elithi βinitial.phpβ kuye kwafihlwa njengebhulokhi efakwe ikhodi ye-base64 yedatha. Ukufakwa okunonya, ngaphansi kokucasha kokuthola isithombe kuwebhusayithi wp-theme-connect.com, kulayishe ngokuqondile ikhodi yangemuva kufayela le-wp-includes/vars.php.
Amasayithi okuqala afaka izinguquko ezinonya ezengezo ze-AccessPress akhonjwe ngoSepthemba 2021. Kucatshangwa ukuthi kungaleso sikhathi lapho i-backdoor yafakwa khona izengezo. Isaziso sokuqala ku-AccessPress mayelana nenkinga ehlonziwe asiphendulwanga, futhi i-AccessPress ikwazile ukunakwa ngemva kokubandakanya ithimba le-WordPress.org ophenyweni. Ngomhla ziyi-15 ku-Okthoba 2021, izingobo zomlando ezithintwe umnyango ongemuva zasuswa kuwebhusayithi ye-AccessPress, futhi izinguqulo ezintsha zengezo zakhululwa ngoJanuwari 17, 2022.
AbakwaSucuri bahlole amasayithi lapho kwafakwa khona izinguqulo ezithintekile ze-AccessPress futhi bahlonza ukuba khona kwamamojula anonya alayishwe ngomnyango ongemuva athumela ugaxekile futhi aqondisa kabusha izinguquko kumasayithi omgunyathi (amamojula angowezi-2019 no-2020). Kucatshangwa ukuthi ababhali be-backdoor bebethengisa ukufinyelela kumasayithi asengozini.
Amatimu lapho ukushintshwa kwe-backdoor kuqoshwa khona:
- umngane wokufinyelela 1.0.0
- accesspress-basic 3.2.1
- I-accesspress-lite 2.92
- accesspress-mag 2.6.5
- i-accesspress-parallax 4.5
- I-accesspress-ray 1.19.5
- I-accesspress-root 2.5
- accesspress-staple 1.9.1
- i-accesspress-store 2.4.9
- i-ejensi-lite 1.1.6
- i-aplite 1.0.6
- i-bingle 1.0.4
- i-blogger 1.2.6
- ukwakhiwa-lite 1.2.5
- idokodo 1.0.27
- khanyisela 1.3.5
- isitolo semfashini 1.2.1
- izithombe 2.4.0
- I-gaga-Corp 1.0.8
- igaga-lite 1.4.2
- indawo eyodwa 2.2.8
- parallax-blog 3.1.1574941215
- i-parallaxsome 1.3.6
- i-punte 1.1.2
- zungeza 1.3.1
- i-ripple 1.2.0
- skrola i-2.1.0
- i-sportsmag 1.2.1
- i-storevilla 1.4.1
- i-swing-lite 1.1.9
- umqalisi 1.3.2
- uMsombuluko 1.4.1
- i-uncode-lite 1.3.1
- i-unicon-lite 1.2.6
- i-vmag 1.2.7
- i-vmagazine-lite 1.3.5
- vmagazine-izindaba 1.0.5
- i-ziggy-baby 1.0.6
- izimonyo ze-ziggy 1.0.5
- zigcy-lite 2.0.9
Ama-plugin okutholwe kuwo ukushintshwa kwe-backdoor:
- ukufinyelela cindezela-okungaziwa-okuthunyelwe 2.8.0 2.8.1 1
- accesspress-custom-css 2.0.1 2.0.2
- accesspress-Custom-post-type 1.0.8 1.0.9
- accesspress-facebook-auto-post 2.1.3 2.1.4
- accesspress-instagram-feed 4.0.3 4.0.4
- accesspress-pinterest 3.3.3 3.3.4
- accesspress-social-counter 1.9.1 1.9.2
- accesspress-social-icons 1.8.2 1.8.3
- accesspress-social-login-lite 3.4.7 3.4.8
- accesspress-social-share 4.5.5 4.5.6
- ukufinyelela cindezela-twitter-post-auto-post 1.4.5 1.4.6
- accesspress-twitter-feed 1.6.7 1.6.8
- i-ak-menu-icons-lite 1.0.9
- i-ap-companion 1.0.7 2
- i-ap-contact-form 1.0.6 1.0.7
- i-ap-custom-testimonial 1.4.6 1.4.7
- i-ap-mega-menu 3.0.5 3.0.6
- i-ap-pricing-tables-lite 1.1.2 1.1.3
- i-apex-notification-bar-lite 2.0.4 2.0.5
- cf7-store-to-db-lite 1.0.9 1.1.0
- amazwana-vimbela-cindezela 1.0.7 1.0.8
- i-easy side-tab-cta 1.0.7 1.0.8
- i-everest-admin-theme-lite 1.0.7 1.0.8
- i-everest-coming-soon-lite 1.1.0 1.1.1
- i-everest-comment-rating-lite 2.0.4 2.0.5
- i-everest-counter-lite 2.0.7 2.0.8
- i-everest-faq-manager-lite 1.0.8 1.0.9
- i-everest-gallery-lite 1.0.8 1.0.9
- i-everest-google-places-reviews-lite 1.0.9 2.0.0
- i-everest-review-lite 1.0.7
- i-everest-tab-lite 2.0.3 2.0.4
- i-everest-timeline-lite 1.1.1 1.1.2
- ukubizela-esenzweni-umakhi-lite 1.1.0 1.1.1
- isilayidi somkhiqizo we-woocommerce-lite 1.1.5 1.1.6
- i-smart-logo-showcase-lite 1.1.7 1.1.8
- i-smart-scroll-posts 2.0.8 2.0.9
- i-smart-scroll-to-top-lite 1.0.3 1.0.4
- total-gdpr-compliance-lite 1.0.4
- ingqikithi yeqembu-lite 1.1.1 1.1.2
- ekugcineni-author-box-lite 1.1.2 1.1.3
- Umakhi-ifomu lokugcina 1.5.0 1.5.1
- i-woo-badge-designer-lite 1.1.0 1.1.1
- i-wp-1-slider 1.2.9 1.3.0
- wp-blog-manager-lite 1.1.0 1.1.2
- i-wp-comment-designer-lite 2.0.3 2.0.4
- i-wp-cookie-ulwazi lomsebenzisi 1.0.7 1.0.8
- I-wp-facebook-review-showcase-lite 1.0.9
- Inkinobho ye-wp-fb-messenger-lite 2.0.7
- wp-floating-menu 1.4.4 1.4.5
- i-wp-media-manager-lite 1.1.2 1.1.3
- wp-popup-banner 1.2.3 1.2.4
- I-wp-popup-lite 1.0.8
- I-wp-product-gallery-lite 1.1.1
Source: opennet.ru