One widespread belief among webmasters is that attackers typically only compromise websites in a couple of ways: by exploiting vulnerabilities or stealing login credentials.

Although these are certainly two of the more common attack vectors, another method is often overlooked — but the result is just as hazardous. Whenever an attacker can successfully trick a website owner into installing a backdoor on their website, they are able to accomplish the exact same goal: unauthorized access.

Continue reading Pirated WordPress Plugins Bundled with Backdoors at Sucuri Blog.

Via Sucuri.net