Captcha Plugin Removed From WordPress Repository for Security Breach


I've just read a post at Wordfence.com/blog stating that the Captcha plugin has been removed from the WordPress repository because the new plugin owners have inserted a backdoor into the code.

Basically they've added stuff to the code which creates an updated version of the plugin with an extra file which allows anyone access to the website.

With over 300,000 installs of the plugin this is a serious situation.

If you have the Captcha plugin installed on your website then please deactivate and delete it.

Stay safe, friends.


Recent Comments


Thank you for the important information.

Thank you, Marion, for this vital information. Was it connected to the suspected North Korean attack of yesterday? I don't have this plug-in, but still it makes me wonder who at WordPress would do such a thing and WHY? Scott

The article at https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/ explains the situation more fully (though it's a bit more technical). There's a malicious organization which is buying up plugins so they can exploit them for their own gains.

Wow!! Talk about conspiracies. What's next? Where do these people come from? I know we'll never find out, but I wonder what their real goal is: raid bank accounts, steal Gov't secrets, industrial espionage? Duck, here it comes, ALL THREE, probably. I hope there is somebody trying to track these ...... down. Scott

This is absolutely unethical. They should be banned from ever submitting code, period. Who knows what other plug-ins have backdoors as well.
In my courses on software security, we often had to hack sites and look for loopholes, SQL injection, examine code, etc... I don't have the time for that these days. I am trying to make money and inspire others, writing.

We take it for granted that these downloads are tested properly and examined by WP.org.

Thanks for letting us know Marion.
David


It's an ongoing fight to curb malicious organizations from exploiting plugins for their own gains. As soon as malicious code is found the plugin concerned is removed from the WordPress repository. But that doesn't mean that it's removed from the websites which have the plugin installed. That's up to the individual website owners.

The linked article lists these five plugins as being associated with the people who did this to the Captcha plugin:

Covert me Popup
Death To Comments
Human Captcha
Smart Recaptcha
Social Exchange
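To act on the advice in the original post (deactivate and delete the Captcha plugin) and on the list above, here is an added example; it is not code from the post, from Wordfence or from WordPress. The script walks a site's wp-content/plugins directory, reads each plugin's "Plugin Name:" header with the same header pattern WordPress itself uses, and reports any plugin whose name matches one named in this thread. The plugins directory it scans is constructed sample data built inside the script (the slugs and file contents are assumptions); pass a real wp-content/plugins path to find_flagged_plugins to check an actual site. Matching is on the displayed plugin name, so the real slugs of the five associated plugins, which the thread does not give, are not needed.

```python
import os
import re
import tempfile

# Plugin names called out in this thread: the Captcha plugin itself plus the
# five plugins the linked Wordfence article associates with the same party.
# Compared case-insensitively against each plugin's "Plugin Name:" header.
FLAGGED_PLUGIN_NAMES = {
    "captcha",
    "covert me popup",
    "death to comments",
    "human captcha",
    "smart recaptcha",
    "social exchange",
}

# Same shape as the pattern WordPress uses to read file headers: the header may
# be preceded by comment characters and whitespace, and the value runs to end of line.
HEADER_RE = re.compile(r"^[ \t/*#@]*Plugin Name:(.*)$", re.IGNORECASE | re.MULTILINE)


def read_plugin_name(plugin_dir):
    """Return the Plugin Name header from the first .php file in plugin_dir that has one."""
    for entry in sorted(os.listdir(plugin_dir)):
        if not entry.endswith(".php"):
            continue
        path = os.path.join(plugin_dir, entry)
        try:
            with open(path, "r", encoding="utf-8", errors="replace") as fh:
                head = fh.read(8192)  # WordPress only inspects the first 8 KB for headers
        except OSError:
            continue
        match = HEADER_RE.search(head)
        if match:
            return match.group(1).strip()
    return None


def find_flagged_plugins(plugins_root):
    """Scan a wp-content/plugins directory; return {slug: name} for plugins on the flagged list.

    Anything returned should be deactivated and deleted from the site, as the
    post advises; removal from the WordPress repository does not touch installed copies.
    """
    flagged = {}
    for slug in sorted(os.listdir(plugins_root)):
        plugin_dir = os.path.join(plugins_root, slug)
        if not os.path.isdir(plugin_dir):
            continue
        name = read_plugin_name(plugin_dir)
        if name and name.lower() in FLAGGED_PLUGIN_NAMES:
            flagged[slug] = name
    return flagged


def build_sample_plugins_dir():
    """Construct a throwaway plugins tree (sample data only, not taken from any real site)."""
    root = tempfile.mkdtemp(prefix="wp-plugins-sample-")
    samples = {
        # slug -> contents of the plugin's main .php file (assumed layout)
        "captcha": "<?php\n/*\nPlugin Name: Captcha\n*/\n",
        "example-plugin": "<?php\n/**\n * Plugin Name: Example Plugin\n */\n",
        "social-exchange": "<?php\n/*\n * Plugin Name: Social Exchange\n */\n",
    }
    for slug, contents in samples.items():
        os.makedirs(os.path.join(root, slug))
        with open(os.path.join(root, slug, slug + ".php"), "w", encoding="utf-8") as fh:
            fh.write(contents)
    return root


if __name__ == "__main__":
    sample_root = build_sample_plugins_dir()
    for slug, name in find_flagged_plugins(sample_root).items():
        print(f"FLAGGED: {slug} ({name}) - deactivate and delete this plugin")
```

Running it as written reports the constructed "captcha" and "social-exchange" entries and leaves "example-plugin" alone. On a real site the same call against wp-content/plugins gives the list to deactivate and delete from the WordPress admin; the name check only tells you a flagged plugin is installed, not whether the backdoored update was applied, so a flagged plugin is removed regardless of version.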

Thanks, Bob.
Appreciated

Thanks, Marion. I understand. I would love a more proactive approach. To submit patches or code to the Linux kernel on GitHub, it has to go through a very tedious process before being added.

The info gathered from these exploits could haunt some for years.

What would we do without you Marion? Appreciated.

All the best!
David

Thank you for the heads up.

Thanks for the warning, Marion!

Thank you, Marion. This one I don't have!

Thanks, Marion.

Once again, thank you so much, Marion, for the heads up. God bless!!!

The linked blog post has quite a bit of very detailed information on how this happened. It also lists five other plugins that are linked to the person/company who put the malicious code into the Captcha plugin:

Covert me Popup
Death To Comments
Human Captcha
Smart Recaptcha
Social Exchange

Thanks for the info, Bob!

Jim

Thank you for the info, Marion :). I thought that I had this plugin, but just checked, and apparently don't. Thanks so much for sharing :)
Blessings:)
Suzi
