Skip to main content

DDoS Attacks On WordPress Came From China

Blogging platform WordPress has traced the second string of recent DDoS attacks against it back to China, the company has revealed.

The platform, which hosts more than 18 million blogs, suffered a second wave of attacks on Friday only days after being attacked by a massive wave of distributed denial of service attacks.

A Chinese-language site operating on was targeted which is also apparently blocked on China’s largest search engine. doesn’t know why the site was targeted and will not share the name until it does.

Speaking of the latest wave of attacks, Matt Mullenweg, founder of WordPress owner Automattic, said, “This time we were able to recover more quickly, and also determined one of the targets to be a Chinese-language site which appears to be also blocked on Baidu. The vast majority of the attacks were coming from China (98%) with a little bit of Japan and Korea mixed in.”

“Right now there are huge asymmetric risks on the internet because any bad actor, for a few tens of thousands of dollars, has the online equivalent of a dirty nuke and can bring even the largest sites to their knees and silence millions of voices,” Mullenweg added.

His first thought was that the attacks were politically motivated, but now Mullenweg is not so sure. "It doesn’t look like attacks were politically motivated, likely more business-oriented given the targeted site, though we still haven’t heard back from the owner," he said.