Hackers are currently targeting WordPress sites that are running the unpatched Tatsu plugin. There was a large scale hack that was originally found back in March. An update was released since then, however, the issue is that many WordPress users haven't updated their software or the plugin and therefore are still susceptible to the hack. Many websites that focus on revenue generation are targeted by hackers as it's an easy way to steal money. This is why it's important to always keep your software, plugins and extensions up to date.
Key Takeaways:
- There was a large scale attack targeting a vulnerability in Tatsu that was originally disclosed in March.
- Since many users have yet to install the latest version of Tatsu, they are still susceptible to the hack.
- Websites that play a key role in revenue generation are typically targeted by hackers at a high rate as it's an easy way to steal funds.
“If a WordPress installation is running an unpatched copy of Tatsu, the most common payload deployed is a dropper, software that allows additional malicious scripts to be installed in a randomly named subfolder.”
