WordPress plugins are typically used to provide webmasters with additional functionality for their websites. However, what they might not know is that some of these plugins may contain a hidden cryptocurrency mining exploit.
Researchers at website security and threat detection company Sucuri have detected several WordPress plugins that contain functions that are used to secretly mine cryptocurrency on affected machines.
Copy, Paste, Repeat
According to Sucuri researchers, these plugins take the guise of several popular WordPress plugins, cloning their features while adding functionality that allows the plugin to change permissions on the underlying server and execute Linux executable binary code using the eval function. By doing this, the attacker is essentially able to secretly run code on the server, including a cryptocurrency miner binary file known as ‘Multios.Coinminer.Miner-6781728-2.’ Once the Multios crypto miner has been executed on the target system, it will then operate silently in the background, using up server resources to surreptitiously mine cryptocurrencies which are funneled back to the attacker.
By copying to code of popular pre-existing plugins and combining it with an already known crypto mining binary, the attacker is able to cover much more ground, producing potentially endless combinations of infected plugins and exploits. Because of this, infected machines could be used for much more than just cryptocurrency mining, such as mail spamming, DDoS and brute-force attacks.
Sucuri also found that this particular malicious plugin is a copy of version 1.16.16 of UpdraftPlus, a WordPress plugin used to simplify backups and restorations. Two commonly detected variants of the malicious plugin are known as ‘initiatorseo’ or ‘updrat123’.
Staying Safe
Unfortunately, simply removing the plugin typically does not resolve the attack, since only the original plugin installation files will be removed, leaving the nefarious binary code untouched. Instead, webmasters will need to ensure they perform regular server-side security scans to detect any unauthorized code and maintain proper control over access permissions. WordPress users should ensure that they are running a capable web application firewall on their server, or can use Sucuri’s own ‘Sucuri Scanner’ WordPress plugin to help maintain the integrity of their server.
This now adds WordPress to the growing list of platforms that have been targeted by malicious parties looking to steal resources for the purposes of mining cryptocurrencies. Just days ago, BeInCrypto also reported that hackers have now turned to exploiting WAV files for deploying cryptojacking code—is there nowhere safe?
What do you think is the best way to deal with the rise in cryptojacking attempts? Let us know your thoughts in the comments below.
Images are courtesy of Shutterstock.
Top crypto platforms in the US | February 2025
eToro
Explore
Explore
Explore
Explore
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Top crypto platforms in the US | February 2025
eToro
Explore
Explore
Explore
Explore
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
Top crypto platforms in the US | February 2025
Uphold
Coinbase
eToro
eToro
eToro
eToro
Moonacy
Chain GPT
Uphold
Coinbase
eToro
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
eToro
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
eToro
Don’t invest unless you’re prepared to lose all
the money you invest.
This is a high-risk investment and you should not expect to be protected if something goes wrong.
Take 2 mins to learn more
eToro
Moonacy
Chain GPT
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Daniel Phillips
After obtaining a Masters degree in Regenerative Medicine, Daniel pivoted to the frontier field of blockchain technology, where he began to absorb anything and everything he could on the subject. Daniel has been bullish on Bitcoin since before it was cool, and continues to be so despite any evidence to the contrary. Nowadays, Daniel works in the blockchain space full time, as both a copywriter and blockchain marketer.
After obtaining a Masters degree in Regenerative Medicine, Daniel pivoted to the frontier field of blockchain technology, where he began to absorb anything and everything he could on the subject. Daniel has been bullish on Bitcoin since before it was cool, and continues to be so despite any evidence to the contrary. Nowadays, Daniel works in the blockchain space full time, as both a copywriter and blockchain marketer.
READ FULL BIO
Sponsored
Sponsored