Managed web hosting provider AHosting
has expressed concerns about Malware being spread by infected WordPress themes. The company, which was established in 2002 and runs facilities in Detroit, Michigan and Orlando, Florida, USA, offers a range of services including VPS hosting, dedicated servers, multiple IP and reseller hosting. The company also specializes in Content Management Hosting for Open Source (OS) installations such as WordPress, Joomla! and Drupal. The company suggested that over 20,000 WordPress sites were infected with Malware such as CryptoPHP in the last month alone.
AHosting has expressed particular concern about people using “freemium” templates (which are offered free of charge) for their CMS-driven websites, and warned against using copies of commercial templates as they might have had Malware added. AHosting further recommended that users should only use templates that originate from “verified theme directories”. This especially applies to WordPress templates. Because of its popularity, WordPress is a key target for unscrupulous developers.
“WordPress has created an inclusive platform that allows anyone to create a presence on the web,” explained AHosting’s Director of Business Development, Daniel Page. “Criminals are taking advantage of inexperienced users by injecting malicious code such as backdoors into themes and plugins, then making them available online. We’d like to make users aware of the risks and point them in the direction of verified, safe resources for obtaining free themes.”
What is your experience? Ever had Malware housed in your CMS-driven website? What did you do about it? How should people avoid this happening to them? Add your comments below.