You may be wondering why the image for this post is a sleeping cat. The answer comes from the cat sleeping on my lap while writing this post. And while the cat can sleep calmly 16 hours a day, our Incident Response Team can’t. They are available 24/7, not a minute less.
We don’t sleep when it comes to WordPress vulnerabilities. We are in fact quite security-centric and try to follow the security news for all major CMS applications. However, given that WordPress is the most widely used CMS on our servers, and in fact across the entire Internet, we place extra focus on monitoring all security-related stuff involving it. Our Incident Response Team does that around the clock, 24×7. As soon as a vulnerability is made public, we investigate it to see if it impacts our users, and we take protective measures when necessary. In this post we’ll show you a use case involving the WP Live Chat Support plugin.
Protecting Our Vulnerable Users
We performed a search across our servers to find all vulnerable instances of the WP Live Chat plugin. In total, we found just under 200 installations containing WP Live Chat with version 8.0.26 or older. The course of action was pretty clear. For each website on the list, first we had to check if it was already infected. If that was the case, we restored it from the latest available “clean” system backup. Prior to restoring, we usually create a backup copy of the current/infected files and database. Then, we proceed to update the plugin to the latest version, which has been patched. Finally, we sent out an email notice the account owner informing them of the actions we’ve taken.