The Cloud Consultancy Europe Ltd.
+44 (0) 203 637 6667 [email protected]

Cyware

– WPML Plugin was reportedly hacked by a former employee, who also sent out spam emails to its users regarding the site’s security.

– WPML allows multilingual websites to work smoothly under WordPress.

WPML, a plugin supporting multilingual websites in WordPress was hacked on 20th January, say sources. Along with the breach, WPML users were sent spam emails regarding the site’s security.

WPML employee Amir Helzer said in a blog post that it was allegedly the work of a former employee. On the other hand, Helzer has mentioned that the attacker did not steal any confidential information such as login details and payment information.

Playing Smoke and Mirrors

A tweet by a WPML user showed the email’s message. At a glance, the attacker used the site’s mailer service to send emails and has cited ‘ridiculous security holes’ in the email. Also, the email advises users to stop using sensitive information and to make frequent backups.

It seems that the former employee/attacker took a dig at the company not providing a ‘100% hack proof” software, and criticised the site’s offerings such as its product plans and support service.

WPML fixes the site immediately

After many users reported this email, WPML responded with a fix by revamping the site. This is mentioned in Amir Helzer official blog.

“We updated wpml.org, rebuilt everything and re-installed everything. We secured access to the admin use 2-factor authentication and minimszed the access that the web server has to the file system. These are more precautions than an actual response to the hack.”

Moreover the official blog stated that, “Our data shows that the hacker used inside information (an old SSH password) and a hole that he left for himself while he was our employee. This hack was not done via an exploit in WordPress, WPML or another plugin, but using this inside information.”

Source: Cyware