WordPress websites are often hijacked so a phisher can host their landing page on a site that does not lead back to them. WordPress sites are also interesting targets for other cyber-criminals, who export the user name and password database for cracking and sale on the Dark Web.
In this case, the cyber scammer actually paid $15,000 to the developer of a popular WordPress plugin “Display Widgets.” After modifying the plugin code, he pushed an update to WordPress sites using the plugin. The new code posted spam messages promoting a payday loan business that he also owned.
This guy had already purchased and modified other plugins from other developers, including the “404 to 301” plugin. The full story is available on the Wordfence blog, and I encourage you to click over for a read.
The important take-away here is that even if you are doing everything possible to secure your website, it can be compromised as the result of another person’s business decision to sell their software to another company.
- The Man Behind Plugin Spam: Mason Soiza – on Wordfence