The Australian Government has warned of hackers, claiming to be ISIS aligned, who are infiltrating popular software to deface websites.
The notification from the Australian Government's Stay Smart Online Alert Service, follows a warning from the US Federal Bureau of Investigation which states that individuals purporting to working with ISIS are using vulnerabilities in plug-ins for popular web software, such as Word Press, to vandalise web pages.
The FBI recommends that users of WordPress apply software patches to these vulnerabilities to reduce the risk of their websites being defaced.
An attacker can exploit the vulnerabilities to gain unauthorised access to computer systems or servers, enabling them to install malicious software, manipulate data or create new accounts with full user privileges for future website exploitation, the FBI says.
WordPress is one of the most popular systems used worldwide to develop and manage website content. WordPress plug-ins are programs used to add further features and capabilities to these websites.
The FBI warns that the defacements are affecting the website operations and communications platforms of news organisations, commercial entities, religious institutions, federal, state and local governments, foreign governments and ‘a variety of other domestic and international websites’.
According to the FBI, the perpetrators are not members of ISIS, but hackers using the ISIS name to increase their notoriety.