September 29, 2017 By Catalin Cimpanu
A cyber-criminal has hidden the code for a PHP backdoor inside the source code of a WordPress plugin masquerading as a security tool named "X-WP-SPAM-SHIELD-PRO."
The attacker was obviously trying to leverage on the reputation of a legitimate and highly popular WordPress plugin called "WP-SpamShield Anti-Spam
," a popular anti-spam tool for self-hosted WordPress sites.
Instead, users who downloaded X-WP-SPAM-SHIELD-PRO got a nasty surprise in the form of a backdoor that allowed the attacker to create his own admin account on the site, upload files on the victim's servers, disable all plugins, and more.