TECHNOBABBLE

TECHNOLOGY | SECURITY | NEWS

Malicious WordPress Plugins from SimplyWordPress Traced to Mason Soiza, Nefarious WordPress Spammer

Earlier today, the folks over at Wordfence released news that plugins from SimplyWordpress were found to be malicious in nature. The WordPress plugin “Captcha”, which had over 300,000 active installs, was modified to deploy an unauthenticated backdoor via an automatic update process that downloads, self-extracts and installs a different version of the plugin. One of the files downloaded, plugin-update.php, is a backdoor.

 

Matt Barry with Wordfence went on to describe in detail, connections between SimplyWordpress, Stacy Wellington, Charlotte Ann Wellington and infamous WordPress plugin spammer, Mason Soiza. Mason is well known for purchasing WordPress plugins and modifying them for nefarious purposes. For more information on SimplyWordpress and Mason Soiza, please head over to the Wordfence blog now by clicking here!

 

Wordfence recommends that you immediately uninstall the Captcha plugin from any of your sites that it is running on. Further, any and all products from SimplyWordpress should be removed given the connections to Mason Soiza

SimplyWordpress Captcha Mason Soiza

  1 comment for “Malicious WordPress Plugins from SimplyWordPress Traced to Mason Soiza, Nefarious WordPress Spammer

  1. Sean
    December 25, 2017 at 1:48 AM

    The Wordfence team is doing a great job in exposing these crooks, but what surprises me is that the UK authorities are not doing anything about this. It’s probably too sophisticated for them to understand, as they run 10 years behind compared to the USA!

Leave a Reply

Your email address will not be published. Required fields are marked *