In 2018, approximately 90% of attacks on content management systems targeted sites running WordPress; Magento (4.6%), Joomla (4.3%) and Drupal (3.7%) followed by a significant margin. These figures come from a new Sucuri report on website hacking trends last year.
According to the report, most compromises are not related to vulnerabilities in the CMS itself, but to bugs in various themes and plugins, incorrect configuration, and the carelessness of webmasters, who often forget to update the software. For example, only 56% of hacked sites were running up-to-date versions of their CMS.
Although WordPress sites account for the largest share of hacked sites, surprisingly only 36% of them were running outdated versions of the CMS. By contrast, in the cases of PrestaShop, OpenCart, Joomla and Magento, most of the hacked sites were running outdated versions of the content management system.
Having successfully compromised a resource, attackers typically install a backdoor (68% of cases), use the hacked site to host malware and conduct various attacks (56%), or place SEO spam (51%, compared with 44% in 2017). SEO spam is used to “poison” search results and to promote and monetize various resources connected to cybercriminals. Attackers post spam content on hacked sites or redirect users to specific pages.
Most often, the unwanted content advertises drugs, or it may relate to other areas such as the fashion or entertainment industries (pornographic material, literature, fashion brands, loans or gambling).