Hundreds of WordPress websites were hacked after failing to update to version 4.7.2, which was a security release for all previous versions of WordPress. Many of the hacked sites are showing the phrases “Hacked By SA3D HaCk3D”, “HaCkeD By MuhmadEmad”, “KurDish HaCk3rS WaS Here”, “Long Live to peshmarga”, and sometimes include the e-mail handle “[email protected]” in titles and throughout content.

The WordPress 4.7.2 Security Release fixes 4 known security issues, one of which wasn’t disclosed at first due to how serious it was. The Disclosure of Additional Security Fix in WordPress 4.7.2 was published February 1, 2017 (a week after the update was released) and explains: “WordPress 4.7 and 4.7.1 had one additional vulnerability for which disclosure was delayed. There was an Unauthenticated Privilege Escalation Vulnerability in a REST API Endpoint. Previous versions of WordPress, even with the REST API Plugin, were never vulnerable to this.”

If you have fallen victim to this latest hack, update WordPress immediately to version 4.7.2 and correct the content on your site. If you need assistance, contact TyTech Solutions for help.
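
To find which posts need correcting, the following added example (not part of the original article) checks whether a version string is one of the two releases named in the disclosure and scans post titles and content for the defacement phrases quoted above. The `id`/`title`/`content` field names and the sample rows are assumptions constructed for illustration.

```python
import html
import re

# Defacement phrases quoted in the article above.
MARKERS = [
    "Hacked By SA3D HaCk3D",
    "HaCkeD By MuhmadEmad",
    "KurDish HaCk3rS WaS Here",
    "Long Live to peshmarga",
]

def _normalize(text):
    """Strip tags, decode entities, collapse whitespace, fold case."""
    text = re.sub(r"<[^>]+>", " ", text)
    text = html.unescape(text)
    return re.sub(r"\s+", " ", text).strip().casefold()

_NORMALIZED = [(m, _normalize(m)) for m in MARKERS]

def is_affected_version(version):
    """True for 4.7 and 4.7.1, the releases the disclosure names."""
    parts = [int(p) for p in re.findall(r"\d+", version)[:3]]
    parts += [0] * (3 - len(parts))
    return (4, 7, 0) <= tuple(parts) < (4, 7, 2)

def find_defaced(posts):
    """Return [(post_id, field, marker)] for each marker found."""
    hits = []
    for post in posts:
        for field in ("title", "content"):
            haystack = _normalize(post.get(field, ""))
            for marker, needle in _NORMALIZED:
                if needle in haystack:
                    hits.append((post["id"], field, marker))
    return hits

# Constructed sample rows (assumed export shape: id, title, content).
SAMPLE_POSTS = [
    {"id": 1, "title": "Welcome", "content": "<p>Opening hours</p>"},
    {"id": 2, "title": "hacked by  sa3d hack3d", "content": "<p>News</p>"},
    {"id": 3, "title": "About", "content": "<h1>KurDish&nbsp;HaCk3rS WaS Here</h1>"},
]

if __name__ == "__main__":
    for hit in find_defaced(SAMPLE_POSTS):
        print(hit)
```

Matching is done on normalized text, so changes in letter case, extra spacing, HTML tags or entities around a phrase do not hide it.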