Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Summary

Threat actors have compromised the update servers of the Smart Slider 3 Pro plugin for WordPress and Joomla to distribute a malicious version containing a backdoor. The incident affects version 3.5.1.35 and impacts a popular plugin with over 800,000 active installations.

IFF Assessment

FOE

This is bad news for defenders as a popular plugin has been backdoored, potentially exposing numerous websites to compromise.

Defender Context

This incident highlights the critical need for vigilance regarding plugin updates, even from reputable developers, as their infrastructure can be compromised. Defenders should implement strict vetting processes for plugin updates, consider delaying updates for a short period to observe community feedback, and ensure robust backup and recovery strategies are in place.
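
As a first triage step for the vetting described above, the following added example (not code from the vendor or the original report) scans a WordPress plugins directory for installs that declare the affected release. It assumes the plugin's header name contains "Smart Slider 3 Pro"; the directory and file names in the demo are constructed.

```python
import re
import tempfile
from pathlib import Path

AFFECTED_NAME = "smart slider 3 pro"  # assumption: header name matches the advisory's plugin name
AFFECTED_VERSION = "3.5.1.35"         # version named in the summary above

# WordPress reads "Plugin Name:" / "Version:" from a comment header in the
# first 8 KiB of a plugin's main PHP file.
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t\r]*$", re.I | re.M)

def read_header(php_file):
    """Return the lower-cased header fields found in one PHP file."""
    text = php_file.read_bytes()[:8192].decode("utf-8", "replace")
    fields = {}
    for key, value in HEADER.findall(text):
        fields.setdefault(key.lower(), value)  # first occurrence wins
    return fields

def find_affected(plugins_dir):
    """List main files under wp-content/plugins that declare the affected release."""
    root = Path(plugins_dir)
    hits = []
    for php_file in sorted(root.glob("*/*.php")):
        meta = read_header(php_file)
        if (AFFECTED_NAME in meta.get("plugin name", "").lower()
                and meta.get("version") == AFFECTED_VERSION):
            hits.append(php_file.relative_to(root).as_posix())
    return hits

def demo():
    """Build a constructed plugins directory and scan it."""
    samples = {  # constructed sample data; directory and file names are hypothetical
        "slider-a/main.php": ("Smart Slider 3 Pro", "3.5.1.35"),
        "slider-b/main.php": ("Smart Slider 3 Pro", "3.5.1.34"),
        "other/other.php": ("Unrelated Plugin", "3.5.1.35"),
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, (name, version) in samples.items():
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True)
            path.write_text(f"<?php\n/*\n * Plugin Name: {name}\n * Version: {version}\n */\n")
        return find_affected(tmp)

if __name__ == "__main__":
    print(demo())
```

A match only means the install declares the version named in the summary; it is a prompt for closer inspection and restore-from-backup decisions, not a verdict on whether the site was compromised.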
