• Cryptocurrency
  • Earnings
  • Enterprise
  • About TechBooky
  • Submit Article
  • Advertise Here
  • Contact Us
TechBooky
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
TechBooky
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Home Security

Hackers Exploit Popular WordPress Backup Tool Used by Over 200,000 Sites

Paul Balo by Paul Balo
February 13, 2024
in Security
Share on FacebookShare on Twitter

A serious security flaw discovered in the WordPress backup plugin Backuply left over 200,000 websites vulnerable to cyber attacks, according to researchers.

The affected tool, installed on one-fifth of all WordPress sites worldwide, contains a “high severity” bug that could allow hackers to initiate denial-of-service (DoS) attacks and crash sites by overwhelming servers with traffic.

Backuply creates daily website backups to prevent data loss from crashes, hacks or failed updates. It supports exporting copies locally or to leading cloud drives like Google Drive and Dropbox.

Its wide range of options has made Backuply a popular WordPress staple since launching in 2019. Today, the plugin boasts over 300,000 active installs.

But until recently, a major weakness lurked under the hood.

On February 8th, web security platform WordFence revealed how an authentication flaw allowed anyone to remotely bombard Backuply servers with requests. Causing resource exhaustion and site outages.

“Attackers could effectively hold websites hostage, demanding bitcoin ransoms before restoring access,” explains Ryan Mercer, WordFence cyber threat analyst.

Backuply earned a 7.5 CVSS severity score out of 10 for the critical bug. Prompting the development team to rush out a patch in version 1.2.6.

Sites lacking the vital update remain exposed, warns Mercer. He anticipates cyber criminals will look to exploit Backuply vulnerabilities within days.

“We’ve seen single vulnerabilities actively attacked across 50,000 sites in under 3 days recently,” Mercer revealed. “So owners must act fast because hackers certainly will.”

WordFence applauds Backuply’s transparent handling of the situation upon responsible disclosure. Nevertheless, the frightening scope of this threat cannot be ignored.

Mercer projects collateral damage from potential mass attacks in the tens of millions of dollars. Making further inaction and complacency unacceptable for site owners.

“Events like this underline why software audits and patching is now as vital as backing up content itself when running a modern web business,” Mercer concludes.

 

Below is  the National Vulnerability Database description of the vulnerability:

CVE-2024-0842

In addition to the NVD report above, read the Wordfence Backuply vulnerability report:

Backuply – Backup, Restore, Migrate and Clone <= 1.2.5 – Denial of Service

Related Posts:

  • images (2)
    The Untold Story of WordPress and WP Engine's Clash
  • shutterstock_chatgpt
    Researchers Warn ChatGPT Crawler May Cause DDoS…
  • WordPress theme switch
    A Comprehensive Guide to Resolving File Permissions…
  • FILE PHOTO: A computer keyboard lit by a displayed cyber code is seen in this illustration picture
    Hackers Sabotaged Several Senegalese Government…
  • wp-speculative-loading-plugin-page-speed-e1712935040275
    WordPress Launches Speculative Loading Plugin To…
  • router-595x335_0
    US And UK Warn Of Custom Malware Vulnerability On…
  • WordPress_blue_logo.svg
    WordPress Launches Revolutionary 100-Year Domain…
  • A computer popup box screen warning of a system being hacked, compromised software environment. 3D illustration.
    Biggest Data Breaches Caused By Security Misconfigurations

Discover more from TechBooky

Subscribe to get the latest posts sent to your email.

Tags: backuplydenial of servicedossecurityvulnerabilitywordpresswordpress plugin
Paul Balo

Paul Balo

Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.

BROWSE BY CATEGORIES

Select Category

    Receive top tech news directly in your inbox

    subscription from
    Loading

    Freshly Squeezed

    • Truecaller Filters Verified Business Messages May 12, 2025
    • ChatGPT Deep Research Now Links to GitHub Repos May 12, 2025
    • Microsoft Offers Guide to Fix Windows Blue Screen Errors May 12, 2025
    • We’ve Invested $10b in Nigeria so Far – MTN May 12, 2025
    • Tech Hype vs. Reality – When Big Tech Missed the Mark Pt. 3 May 11, 2025
    • Google’s Antitrust Showdown, AI vs. Search, and other Headlines May 11, 2025

    Browse Archives

    May 2025
    MTWTFSS
     1234
    567891011
    12131415161718
    19202122232425
    262728293031 
    « Apr    

    Quick Links

    • About TechBooky
    • Advertise Here
    • Contact us
    • Submit Article
    • Privacy Policy

    Recent News

    Truecaller Filters Verified Business Messages

    Truecaller Filters Verified Business Messages

    May 12, 2025
    ChatGPT Deep Research Now Links to GitHub Repos

    ChatGPT Deep Research Now Links to GitHub Repos

    May 12, 2025
    Microsoft Offers Guide to Fix Windows Blue Screen Errors

    Microsoft Offers Guide to Fix Windows Blue Screen Errors

    May 12, 2025
    The NCC Commissioned MTNN To Lease Spectrums From NTEL And Renew Its 3G Spectrum

    We’ve Invested $10b in Nigeria so Far – MTN

    May 12, 2025
    Tech Hype vs. Reality – When Big Tech Missed the Mark Pt. 1

    Tech Hype vs. Reality – When Big Tech Missed the Mark Pt. 3

    May 11, 2025
    Google’s Antitrust Showdown, AI vs. Search, and other Headlines

    Google’s Antitrust Showdown, AI vs. Search, and other Headlines

    May 11, 2025
    • Login

    © 2021 Design By Tech Booky Elite

    Generic selectors
    Exact matches only
    Search in title
    Search in content
    Post Type Selectors
    • African
    • Artificial Intelligence
    • Gadgets
    • Metaverse
    • Tips
    • About TechBooky
    • Advertise Here
    • Submit Article
    • Contact us

    © 2021 Design By Tech Booky Elite

    Discover more from TechBooky

    Subscribe now to keep reading and get access to the full archive.

    Continue reading

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok