Category: SiteLock News

SiteLock Threat Intercept blog

Trending: Fake WordPress SEO Plugin Provides Backdoor Access

By Jessica Ortega

We recently discussed a particularly sneaky piece of malware that’s been disguising itself as fake plugin and targeting Joomla! users. While this phenomenon is not unique to the Joomla! content management system, SiteLock has discovered a recent trending fake plugin for WordPress, one of the world’s largest open source applications.

The fake plugin the SiteLock Research team found is called WP-Base-SEO. It is a forgery of a legitimate search engine optimization plugin, WordPress SEO Tools. Malicious content was found in /wp-content/plugins/wp-base-seo/wp-seo-main.php.  At first glance, the file appears to be legitimate, including a reference to the WordPress plugin database and documentation on how the plugin works.

WordPress fake SEO Plugin header

Fake plugin header

Tags:   fake plugin, Joomla!, SiteLock, WordPress
Categories:  SiteLock News, WordPress security