Skip to content
Email: info@itamindia.com
Login/Register
iTAM India - IT Asset Management
  • Home
  • About
    • About ITAM India
    • Teaching Faculty
    • ITAM India FAQs
    • Careers
    • Contact
  • Courses
    • Instructor Led Online
    • On-demand Courses
    • Course & Certifications List
  • Certification
    • ITAM India Certifications
  • Resource
    • ITAM Glossary
    • Sys Admin Glossary
    • News
    • Blog
  • My Account
0

Currently Empty: ₹0.00

Continue shopping

iTAM India - IT Asset Management
  • Home
  • About
    • About ITAM India
    • Teaching Faculty
    • ITAM India FAQs
    • Careers
    • Contact
  • Courses
    • Instructor Led Online
    • On-demand Courses
    • Course & Certifications List
  • Certification
    • ITAM India Certifications
  • Resource
    • ITAM Glossary
    • Sys Admin Glossary
    • News
    • Blog
  • My Account

Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers

Home » Blog » Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers
Breadcrumb Abstract Shape
Breadcrumb Abstract Shape
Breadcrumb Abstract Shape
News

Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers

  • May 3, 2025
  • Com 0

Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin.

The plugin, which goes by the name “WP-antymalwary-bot.php,” comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code.

“Pinging functionality that can report back to a command-and-control (C&C) server is also included, as is code that helps spread malware into other directories and inject malicious JavaScript responsible for serving ads,” Wordfence’s Marco Wotschka said in a report.

First discovered during a site cleanup effort in late January 2025, the malware has since been detected in the wild with new variants. Some of the other names used for the plugin are listed below –

  • addons.php
  • wpconsole.php
  • wp-performance-booster.php
  • scr.php

Once installed and activated, it provides threat actors administrator access to the dashboard and makes use of the REST API to facilitate remote code execution by injecting malicious PHP code into the site theme’s header file or clearing the caches of popular caching plugins.

 

This article was first written here in The Hacker News

Share on:
Sheshagiri Anegondi

Sheshagiri is a veteran in Software License Management & Cost optimization. He is the CEO of Rythium Technologies & previously was the VP - Technology in Oracle India. Apart from being, arguably, the worlds top expert in Oracle & Java licensing, he is also acknowledged to be foremost software price negotiator. His key focus is on Oracle, Microsoft & SAM best practices.

Oregon's Open Source Lab is short a quarter of a million bucks
Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations

News

  • Broadcom sends VMware to record revenue,
  • Microsoft will stop pestering Windows users about Edge in EU
  • Microsoft is opening Windows Update to third-party apps
  • Stargate UAE will be live in 2026
  • Adobe says: users must pay up or downgrade
View All
License Compliance

Tags

Design Development Future licensing microsoft News Software
iTAM India - IT Asset Management

Empowering India with accredited education in SAM, HAM, ITOM, InfoSec and FinOps

Address: 408, Vashi Infotech Park, Sector 30A, Vashi, Navi Mumbai 400703
Email: info@itamindia.com

ITAM India

  • About ITAM India
  • Careers
  • Instructor Led Online Courses
  • On-Demand Courses
  • Course & Certifications List
  • ITAM India Certified Credentials
  • OEM Credentials Practice Tests
  • FAQs

Learn

  • A listing of ITAM Skills
  • Network Monitoring
  • Hardware Asset Management
  • Software License Management
  • Software Asset Management
  • Information Security
  • CMDB
  • FinOps
  • IT Vendor Management

Contacts

Email Us
Icon-linkedin2 Icon-instagram Icon-twitter
Copyright 2025 ITAM India. All Rights Reserved.
iTAM India - IT Asset Management
Cancel Preloader