WordPress sites covered 90% of all the hacked content management systems (CMSs) that Sucuri investigated and helped to fix in 2018. In a very distant second, third, and fourth respectively were, Magento with 4.6%, Joomla 4.3%, and Drupal 3.7% as stated in the report the company published yesterday.
Sucuri experts faulted most of the hacks on the vulnerabilities in themes and plug-ins, issues from misconfiguration, and lack of maintenance by the webmasters, who are often forgetful of updating their CMS themes and plugins.
Experts stated that only about 56 percent of the sites they investigated were actually running an up-to-date CMS at the point they were called for a remedy to their hack.
E-commerce sites often left out-of-date
But while 90% of all the hacked sites were WordPress, many of them were running an up-to-date version. Sucuri disclosed that only 36 percent of all the hacked WordPress sites that were investigated by them ran an outdated version.
On the other hand, CMSs such as PrestaShop, Joomla, Magento and OpenCart when investigated, were mostly running on an outdated version.
“This trend in outdated versions supports the idea that e-commerce sites are notorious for straggling behind on updates to avoid breaking functionality and losing money,” said Sucuri.
“Attackers have a high interest in targeting e-commerce websites with valuable customer data (i.e., credit card and user information). It’s imperative these website owners update their software to ensure their sites have the latest security enhancements and vulnerability patches.”
Yet, despite the fact that some sites ran outdated CMS versions, “the leading cause of infections stemmed from component vulnerabilities,” Sucuri added.
SEO spam is on the rise
When the sites were hacked, Sucuri disclosed that hackers usually deployed backdoors with the company finding one on 68% of all the compromised websites it investigated.
Sucuri experts also said that hackers used around 56% of the hacked sites to host their malware for other operations, and then deployed SEO spam pages on about 51% of the hacked sites –this figure was risen from the 44% in the past year, 2017.
“SEO spam is one of the fastest growing families over the previous years. They are difficult to detect and have a strong economic engine driven by impression-based affiliate marketing.”
“Most frequently, the result of Search Engine Poisoning (SEP) attacks, where attackers attempt to abuse site rankings to monetize on affiliate marketing or other blackhat tactics, SEO spam typically occurs via PHP, database injections, or .htaccess redirects.”
“Websites impacted by SEO attacks often become infected with spam content or redirect visitors to spam-specific pages. Unwanted content is regularly found in the form of pharmaceutical ad placements but may also include injected content for other popular industries like fashion or entertainment (i.e. pornographic material, essay writing, fashion brands, loans, and online gambling).” Sucuri said