Autoshell: How to hack 110,000 WordPress Sites for $10,000


The announcement of the exploit sale caused tension in the information security community.

ThreatMon, a cyber threat analysis platform, reported that a zero-day exploit for WordPress had been put up for sale on a well-known hacker forum.

The vendor claims that this exploit, implemented as a PHP script, can be used in conjunction with the WordPress plugin to upload shell scripts to about 110,000 websites and get a list of their URLs.


Autoshell Sale Announcement

The exploit, called Autoshell, can work with any PHP file and is offered at a starting price of $10,000. The seller emphasizes that this is a good offer, given the market value of such exploits. The script is able to upload files to multiple sites, which indicates a possible large-scale vulnerability that could affect a significant part of the WordPress ecosystem.

The seller indicated that it accepts only cryptocurrency for payment and does not agree to prepayment, which underlines the illegal nature of the transaction. The information security community is actively monitoring the situation and trying to identify and fix any vulnerabilities that the exploit might target.

Selling such exploits poses a serious risk to website owners and users, as exploitation can lead to unauthorized access, data leaks, and other malicious activities.

WordPress site administrators are strongly encouraged to stay alert, update their software in a timely manner, and monitor any unusual activity on their sites. We also recommend using security plugins and firewalls to reduce the risk of exploits.
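One way to carry out the monitoring recommended above, as an added example that is not from the original article or from ThreatMon: a Python audit that flags PHP files in the media directory and plugin or theme PHP files changed after a known-good deploy time. It assumes the default WordPress layout with media under wp-content/uploads; the function names, the extension list, the baseline timestamp and the sample tree are all constructed for illustration.

```python
import os
import tempfile
import time

# Extensions commonly handled by the PHP interpreter (assumed list; adjust to your server config).
PHP_EXTS = {".php", ".phtml", ".phar", ".php5", ".php7"}

def is_php(name):
    """True if any dot-separated component marks the file as PHP (catches shell.php.jpg)."""
    parts = name.lower().split(".")[1:]
    return any("." + p in PHP_EXTS for p in parts)

def audit(wp_root, baseline_ts):
    """Return sorted (relative_path, reason) findings for a WordPress tree."""
    findings = []
    for dirpath, _dirs, files in os.walk(os.path.join(wp_root, "wp-content")):
        rel_dir = os.path.relpath(dirpath, wp_root).replace(os.sep, "/")
        for name in filter(is_php, files):
            rel = rel_dir + "/" + name
            if (rel_dir + "/").startswith("wp-content/uploads/"):
                # Media directory: no PHP belongs here at all.
                findings.append((rel, "php-in-uploads"))
            elif os.path.getmtime(os.path.join(dirpath, name)) > baseline_ts:
                # Plugin/theme code changed after the last known-good deploy.
                findings.append((rel, "modified-after-baseline"))
    return sorted(findings)

def build_demo_tree(root, baseline_ts):
    """Constructed sample site: one old plugin file, one new one, two files in uploads."""
    samples = {
        "wp-content/plugins/demo/demo.php": baseline_ts - 3600,
        "wp-content/plugins/demo/cache.php": baseline_ts + 3600,
        "wp-content/uploads/2024/05/photo.jpg": baseline_ts + 3600,
        "wp-content/uploads/2024/05/photo.php.jpg": baseline_ts + 3600,
    }
    for rel, mtime in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()
        os.utime(path, (mtime, mtime))

if __name__ == "__main__":
    baseline = time.time() - 86400  # pretend the last deploy was a day ago
    with tempfile.TemporaryDirectory() as site:
        build_demo_tree(site, baseline)
        for rel, reason in audit(site, baseline):
            print(reason, rel)
```

On a real site, pass the WordPress root and the timestamp of the last legitimate deployment or update; a finding is a prompt for review, since plugin updates also change modification times.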