
Outdated Plugin Might Have Led to Hacking of Mossack Fonseca: Wordfence #PanamaLeaks

Mossack Fonseca, the law firm at the center of the Panama Leaks scandal, could have been hacked through outdated versions of WordPress and Drupal, according to analysis by the team behind Wordfence, a security plugin for WordPress.

Significant security holes in both CMS platforms, which were being used to power the front end site and a customer portal, could have resulted in the leak that’s shined a harsh light on the wealth of the 1%.

Out of Date CMS and a Vulnerable Plugin:

The law firm’s front end site was using a WordPress plugin that is vulnerable to attack and can provide shell access on the server to a hacker. Revolution Slider, the affected plugin, is one of the most common WordPress security vulnerabilities.

A working exploit for Revolution Slider was posted back in October 2014. Since then, any hacker with enough time on his hands can exploit sites that use the outdated, insecure plugin. The working theory is that the hackers found out that Mossack Fonseca was vulnerable via automated robots that routinely check for the plugin vulnerability. Once it was logged as a possible target, the hackers probably rubbed their hands in glee at the unexpected stupidity of storing sensitive data on the same server as web content.

Mossack Fonseca’s WordPress and Drupal installs were out of date by 3 months and 2 years respectively.


That’s not all. The firm’s Drupal portal for customers submitting sensitive business information was also out of date by a staggering 2 years. What’s even worse is that Drupal 7 was termed critically vulnerable and experts recommended an immediate upgrade to a later release. At the time, the Drupal Security Team said, “You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC; that is, seven hours after the announcement.”

So it’s possible that the company’s Drupal site was backdoored for over a year. With the web and email servers being on the same network, it was a matter of time before hackers got to the emails once they had access.

While Mossack Fonseca has put up a firewall in the last month and has updated the WordPress core, it would still be possible to exploit the site if they were running the outdated plugin, notes Wordfence.

In conclusion, we’d like to stress the importance of basic security principles. Just update. If you are using a site that is powered by the WordPress CMS, it’s essential that you upgrade your plugins, themes and WP itself as soon as a newer version is available. While your data may not force leaders of countries and MNCs to resign, it’s still valuable.


Shrey Kapoor is a Tech-Enthusiast, Harvard certified Cyber Security and Cyber Forensics Expert. He is the founder of Techphlie.com, which is one of India's Top Tech News Websites. Even Forbes and many other renowned publishers have referenced his articles. Shrey is a Technology analyst, strategic thinker and creative writer who is passionate about delivering the best, latest possible Tech-News to his followers and subscribers. He completed his masters in Artificial Intelligence & Robotics, and is certified in IPR, T.Q.M. & ISO 9001:2008 in Quality Management Systems.
