WordPress users are becoming increasingly more aware of security threats and as a result they are taking more actions to secure their websites (e.g. by installing security plugins). While this is a good thing, there are always black hats trying to take an advantage of new opportunities to compromise websites. For example, we’re seeing a rising number of fake plugins claiming to offer security, when in reality they have malicious intentions.
Recently, a fake WordPress security plugin called X-WP-SPAM-SHIELD-PRO got our attention.
*** This is a Security Bloggers Network syndicated blog from Sucuri Blog authored by Peter Gramantik. Read the original post at: https://blog.sucuri.net/2017/09/fake-plugins-fake-security.html