Websites Using OptinMonster Hacked by Clever Attack: What This Means for Your SME

A Clever Hack Affects Popular Website Tools

We recently learned of a concerning attack targeting website administrators. Three popular tools used by many businesses to enhance their websites – OptinMonster, TrustPulse, and PushEngage – have been compromised. This occurred through a clever trick, also known as a 'supply-chain attack'.

This attack did not target your website directly, but rather a service these tools rely on. Specifically, it affected the network that rapidly distributes files and code across the internet, known as a Content Delivery Network (CDN). The company behind these tools, Awesome Motive, has confirmed their CDN was impacted.

This allowed malicious actors to gain access to the code of plugins used by millions of websites. It is a clear indicator that security across the entire digital chain is of paramount importance, even for services we trust.

How the Hack Worked: The Digital Supply Chain Attack

Imagine sending a letter. A supply-chain attack is akin to hacking the postal sorting center instead of the recipient's house. The attackers infiltrated Awesome Motive's system, which distributes the software for OptinMonster, TrustPulse, and PushEngage.

This system, their Content Delivery Network (CDN), acts as a rapid delivery service for the code of these plugins. By exploiting this network, hackers were able to inject their own malicious code into the updates of these plugins. Because these plugins are used by numerous websites, the malicious code spread rapidly.

This meant that websites with automatic updates enabled unknowingly received the malicious code. This created a backdoor, allowing hackers to access the websites using the infected plugins.

The attackers' objective was not immediately clear, but distributing malicious code can lead to various dangers. They might attempt to steal sensitive data, such as customer information, login credentials, or financial details. Another possibility is using the compromised website to infect other computers or send spam.

Attackers often try to infect systems with malware or ransomware first. However, thanks to Awesome Motive's swift response, measures have been taken to halt the spread. They have removed the compromised code and are working to strengthen their system's security.

Nevertheless, it is important for websites to take the necessary steps to protect themselves.

What This Means for SME Businesses: Essential Security Steps

This recent hack might sound distant, but it has direct implications for many SME businesses using these tools. It demonstrates that even established and widely used software can be vulnerable. If your business has a website that utilizes OptinMonster, TrustPulse, or PushEngage, it is crucial to take action now.

Fortunately, there are concrete steps you can take to ensure security and prevent potential damage. The plugin developers, Awesome Motive, have resolved the issues. They have removed all malicious code and released updates that patch the vulnerabilities.

The most important action you can take now is to ensure your plugins are up-to-date. Immediately check if the OptinMonster, TrustPulse, or PushEngage plugins on your website are running the latest version. Where possible, enable automatic updates for your plugins, but remain critical.

Temporarily disable automatic updates now to perform your own checks first, until you are certain the situation is completely secure. After installing the updates, it is advisable to monitor your website closely. Watch for any unusual activity, such as strange pop-ups, slow performance, or changes to your website that you did not implement.

It is also a good time to review your website's overall security. Ensure you are using strong, unique passwords, especially for your administration area. Consider an additional layer of security, such as two-factor authentication, if your website supports it.

Don't forget to regularly back up your website. Should anything go wrong, you can always restore your website to a previous, secure state. Inform your employees about the risks of phishing emails or suspicious links, as hackers might attempt to gain access through other means via a compromised website.

Conclusion

The hack of OptinMonster and related tools serves as a warning to all SME businesses about the constant threat of cyberattacks, even through seemingly trustworthy services. While the immediate threat is largely past due to the vendors' swift action, this underscores the importance of proactive security. Ensure your website plugins are always up-to-date and remain vigilant for suspicious activity.

Good digital hygiene, such as using strong passwords and performing regular backups, remains the best defense for your online presence. Take this opportunity to audit and strengthen your website security.

**Want to learn more? ** Also see how Assist2go can help with the right IT service for your business.