WP-VCD is a malware that creates backdoors in your website by adding other hidden WordPress admin users or a backdoor account with the name 100010010 .This exploit then allows the attackers to have full access to your site and maintain a persistent foothold on these infected sites.
A thorough research by Wordfence found out that the rates of VCD attacks have been on the rise since August 2019.
WP-VCD has been around since at least February 2017, becoming more and more prevalent over the course of that year.
Nowadays, Wordfence says WP-VCD is today’s top hacking group on the WordPress landscape.
The attackers sole intention is monetization which comes from two main sources:
viral marketing activity intended to manipulate search engine results
malvertising code which creates potentially dangerous redirects and pop-up ads for users on a compromised site.
How it spreads
Using outdated WordPress plugins & themes for your site.
Downloading and installing free pirated premium WordPress themes
Downloading and installing free crafty plugins.
Not using any firewall or security option for your site
Symptoms of an infected site
A new user with administrator privileges is added to your site without your knowledge
Potentially dangerous redirects and pop-up ads for users viewing a your site.