WooCommerce Users Beware: Fake Patch Phishing Campaign Unleashes Site Backdoors
1 min read
Summary
A warning has been issued for WooCommerce users as a result of a phishing campaign whereby hackers are targeting users with a false critical patch to a non-existent security vulnerability.
The campaign is well organised with phishing emails coming in the form of Look-alike security warnings from apparent trusted sources like WordPress and WooCommerce.
Once the payload has been downloaded and activating burglars it allows back door access to sites and hinges through the use of various scripts and plugins such as wp-crontab.
Hackers can then do anything from stealing sensitive data to disrupting functionalities and holding sites to ransom.
The warning came on 28th April 2025 via Patchstack’s security team, advising users to only download patches and plugins from authenticated sites directly.