90% of hacked CMS sites in 2018 are WordPress sites
According to a report by Sucuri, 90% of the hacked content management systems (CMSs) they had investigated and helped fix in 2018 were WordPress sites. Magento, Joomla and Drupal came a distant second, third and fourth at a little more than 4% each.
They attributed it to weak plugins and themes, outdated plugins, themes and CMS, and disorganization. In fact, only 56%of the sites they had to remediate hacks from had an updated CMS.
Also, it’s important to mention that most of the hacked sites had backdoors or SEO spam and websites that were infected by SEO attacks got injections of different content placeholders from industries such as pharmaceutical, fashion, different financial loans and etc.
Ecommerce sites not updated for latest vulnerabilities
While only 36% of the hacked WordPress sites were up to date, the other ecommerce CMSs like OpenCart, Joomla and Magento were not updated. According to Sucuri, it’s because ecommerce sites far that an update would interrupt their functionality and working.
Sucuri however advises ecommerce website owners to update their software with the latest safety features. It’s because attackers prefer hacking ecommerce websites because of the valuable data like credit card information available here.
Sucuri also states that along with outdated CMS versions, weak components were another important reason for increased hacking.
Even more SEO spam
Sucuri also said that hackers used mostly backdoors and stored malware for other operations in 56% of hacked sites. They even released SEO spam pages on about 51% of the hacked sites, 7% more than last year.
According to Sucuri, SEO spam is growing quickly, is difficult to detect and is backed by impression-based affiliate marketing. SEO spams generally occur through PHP, .htaccess redirects or database injections where attackers use blackhat tactics like abusing site rankings to monetize on affiliate marketing.
The attacked websites either contain spam or injected content for other industries like fashion or entertainment like pornography and online gambling. Some sites even redirect visitors to spam pages with unnecessary content like pharmaceutical ad placements.
My website is hosted on DreamHost, I really like it due to it's stability and helpful support. Furthermore, their servers are extremely reliable, secured and fast, I don't remember when the last time we had a server downtime. If you sourcing for a great hosting service, go grab it.
Latest posts by Johnny McKinsey (see all)
- Full List of EIG Web Hosting Companies Brands With Details (+ Non-EIG Hosting Recommendation), Beware of EIG Hosting (Updated 2019)! - November 17, 2019
- WP Engine Review : Hosting Plans, Pros & Cons (2019 Updated) - November 15, 2019
- WP Engine Coupon - November 15, 2019