Cybercriminals Exploit Zero-day Vulnerability In Wordpress Image-resizing Utility

By Author: eccuni
Total Articles: 211
Comment this article

Security researchers have detected zero-day vulnerability in one of the WordPress themes, which attackers may exploit to execute a malicious code. TimThumb, an image-resizing utility enables resizing, cropping and zooming of images and is shipped with some of the themes used for WordPress blogging platform. Attackers are exploiting the feature of TimThumb to write files to a directory while resizing the images. Visitors to the website can access the directory, thereby allowing an attacker to upload malicious PHP files on the directory and execute it by accessing a file through a web browser.

Mark Maunder, CEO of Feedjit, whose own blog was attacked, first reported the vulnerability. The attack resulted in loading of advertising content on his blog even when the site is not configured to allow loading of such content. Mark has advocated disabling the ability of the TimThumb to load files into an accessible directory from an external site as one of the remedies to prevent exploitation by attackers. The developer of TimThumb, Ben Gillbanks is reportedly trying to address the zero-day vulnerability.

Many themes ...
... that work with the popular blogging and publishing platform are available on the Internet for download. However, all may not be secure. The popularity and wide usage of the blogging platform makes it an attractive target for criminals operating in the cyberspace. Attackers may inject malware-ridden content to take advantage of vulnerabilities and target large number of Internet users. Earlier in the year, developers of Wordpress detected that attackers had Trojanized plugins such as AddThis, WPtouch and W3 Total Cache. As a result, the developers had to force-reset all passwords and release fresh updates to the affected plugins. Security researchers may enhance their expertise by undertaking security certification and online university degree programs.

Users of the blogging platform must keep track of security alerts issued by the researchers and developers and take appropriate measures to safeguard their blog sites from malicious attacks. They must install the latest versions of the plugins and themes. They must install only those themes and plugins, which are required in their normal usage of the blogs. They must also keep their computers secure from viruses, Trojans and other malicious software by using legitimate security software. Internet users must refrain from clicking on third-party links advertised on blogs and websites to prevent unintentional downloading of malicious software on their computers. They must also be wary of clicking on links on pop-up advertisements. They must directly visit a website by typing the address on the web browser. Threats in the IT environment are vibrant. E-tutorials, security blogs and online degree programs may enable Internet users to stay updated on latest threats and preventive measures.

Organizations must update to the latest versions of the blogging platform. They must backup the entire data related to the blog site for swift restoration in case of a malicious attack. Professionals qualified in penetration testing and computer science degree may help in timely mitigation of flaws and implementing appropriate measures to improve security.