WordPress Stands On Top In Most Hacked Content Management Systems of 2018

In 2018, Content Management Systems were exposed to hackers yet again but a thorough investigation this time has proved that almost 90 percent of the hacked sites were managed on WordPress.

The detailed report by GoDaddy's security team Sucuri has further revealed all the vulnerabilities hidden in plugins, themes and misconfiguration issues. Apart from that, lack of efficiency in maintaining and updating CMS by webmasters can also bring in more damage to your site.

An analysis of the latest trends in malware and hacked websites

According to the statistics presented by Sucuri, 90% of the hacked sites were of WordPress and among all them only 56 percent had an up-to-date CMS, while the other 36 per cent were running on an outdated version, just before remediation.

Magento (4.6 percent), Joomla (4.3 percent), and Drupal (3.7 percent) stood second, third and fourth in the hacked sites list and all of these CMS were not updated to their latest versions.

Hackers now attack the outdated versions more often because companies avoid updating their CMS to protect their site’s functionality and monetization process. This trend has been particularly observed in e-commerce websites, which have valuable data of their customers (i.e., credit card and user information).

Hence, it is important for owners to continuously update their software for security enhancements and vulnerability patches.

Hackers deployed backdoors in almost 68% of the cases that were being reported. They also used 56 percent of the hacked sites to host malware for other operations. Furthermore, a whopping amount of 51 per cent sites deployed SEO spam pages - rising from 44 percent in 2017.
Also Read: Fix It Already - A Campaign Against Major Privacy Flaws In Tech Giants (Including Android, Apple & Facebook)
SEO spam is on the rise these days as the Search Engine Poisoning (SEP) attacks can abuse site rankings to monetize on affiliate marketing or other blackhat tactics. These are majorly done via PHP, database injections, or .htaccess redirects and are extremely difficult to detect.

Once the SEO attack occurs in the website, it brings in more spam content and even redirects visitors to spam-specific pages. Along with that, unwanted content also appears in the form of ads that may include your competitors on your website at times or popular industries like fashion, entertainment and even pornographic material.

Read Next: Here Is How You Can Protect Your Business From All Hacking Trends (infographic)
Previous Post Next Post