Could the Panama Papers Breach Been Avoided with Basic WordPress Security?
Read how a simple WordPress plugin may have enabled Panama Papers leak
By now just about everyone has heard about the “Panama Papers Breach.” The fallout is still coming from this leak of over 11.5 million documents, but at the very least the Prime Minister of Iceland has been forced to resign as a result. Russian President Putin and British Prime Minister David Cameron are also caught up in the controversy.
The Panamanian law firm Mossack Fonseca is at the center of the swirl. Our friends at WordFence security have done some testing and they have made a shocking discovery:
The Panama Papers Breach may have been a result of an outdated WordPress Plugin!
Forbes has reported that Mossack Fonseca (abbreviated as MF…how appropriate!) provided a portal for their customers to access their data. This portal reportedly was using an old, vulnerable version of Drupal. WordFence did their own digging and found this:
The MF website runs WordPress and is currently running a version of Revolution Slider that is vulnerable to attack and will grant a remote attacker a shell on the web server.
Viewing this link on the current MF website to a Revolution Slider file reveals the version of revslider they are running is 2.1.7. Versions of Revslider all the way up to 3.0.95 are vulnerable to attack.
MF has since put their website behind a firewall, but only within the last month did this happen.
On top of having an out of date plugin, and providing access to their website via an unprotected portal, it seems that MF also used the same server for their website as their email server.
While these hackers may have done the world a service by exposing corruption, learn a lesson from the failings of MF. Protect your business and your clients by securing your website.
Read more, or watch the video on CNN here
Read more about the possible plugin connection on WordFence’s blog here