Backdoored Smart Slider 3 Pro Update Hits WordPress Sites
Cyber Threat Intelligence is flagging a significant supply-chain attack targeting WordPress users. A compromised update for the popular Smart Slider 3 Pro plugin was reportedly distributed through Nextend’s official servers. This means that users who updated the plugin recently might have unknowingly installed a backdoor.
According to Cyber Threat Intelligence, the compromised update allowed threat actors to inject malicious code. This backdoor could potentially grant attackers unauthorized access to WordPress websites, enabling them to steal data, deface sites, or even deploy further malware. The compromise of Nextend’s servers, the vendor behind Smart Slider 3, highlights a critical vulnerability in the software distribution process.
This incident serves as a stark reminder of the inherent risks associated with third-party plugins and the importance of a robust supply-chain security posture. Even seemingly legitimate updates from trusted vendors can become vectors for attack if their infrastructure is compromised. Organizations relying on WordPress for their web presence must remain vigilant and consider implementing stricter controls around plugin updates.
What This Means For You
- Implement a strict "change control" process for all plugin updates, especially for critical plugins like Smart Slider 3 Pro. This involves staging updates in a non-production environment for review and scanning before deploying to live sites, and maintaining a rollback plan.
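One way to make that staging step concrete, as an added example that is not from the original article or from Nextend: hash every file in the currently approved plugin tree and in the staged update, report exactly what the update adds, removes or rewrites, and hold any new or changed PHP for human review before the staged copy is promoted. The directory layout and file contents are constructed for the demo.

```python
"""Change-control gate for a staged WordPress plugin update: compare a
manifest of the approved plugin tree against the staged update so the
reviewer sees every added, removed and changed file before deployment."""
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root: Path) -> dict[str, str]:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def diff_manifests(approved: dict[str, str], staged: dict[str, str]) -> dict[str, list[str]]:
    """Classify every path as added, removed or changed between the two trees."""
    common = approved.keys() & staged.keys()
    return {
        "added": sorted(staged.keys() - approved.keys()),
        "removed": sorted(approved.keys() - staged.keys()),
        "changed": sorted(p for p in common if approved[p] != staged[p]),
    }


def needs_manual_review(diff: dict[str, list[str]]) -> list[str]:
    """PHP that the update introduces or rewrites is executable on the site,
    so it is read by a human before promotion; other changes are logged only."""
    return [p for p in diff["added"] + diff["changed"] if p.endswith(".php")]


def write_tree(root: Path, files: dict[str, str]) -> None:
    """Materialise a constructed plugin tree under root (demo helper)."""
    for rel, text in files.items():
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(text)


def demo() -> tuple[dict[str, list[str]], list[str]]:
    """Constructed sample: the staged update bumps the version, drops a
    stylesheet and introduces one PHP file the approved tree never had."""
    approved_files = {"plugin.php": "<?php // v1\n", "assets/style.css": "body{}\n",
                      "readme.txt": "v1\n"}
    staged_files = {"plugin.php": "<?php // v2\n", "readme.txt": "v2\n",
                    "includes/extra.php": "<?php // new file\n"}
    with tempfile.TemporaryDirectory() as a, tempfile.TemporaryDirectory() as s:
        write_tree(Path(a), approved_files)
        write_tree(Path(s), staged_files)
        diff = diff_manifests(build_manifest(Path(a)), build_manifest(Path(s)))
    return diff, needs_manual_review(diff)


if __name__ == "__main__":
    changes, review = demo()
    print(changes)
    print("Manual review required for:", review)
```

Keeping the approved manifest in version control alongside the rollback copy of the plugin gives the reviewer a baseline to diff against for every future update, not just this one.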