Thousands of WordPress websites are being used to carry out a huge cyber attack campaign in the form of a distributed denial-of-service (DDoS) attack.
The Hacker News reports that hackers have targeted “a large number” of sites on the WordPress platform after successfully compromising some 90,000 servers way back in April 2012, and in the process have created a WordPress botnet.
“We found that in 26 seconds an attacker was able to perform DDOS attacks from 569 unique compromised WordPress blogs. Hacked websites include blogs of Mercury Science and Policy at MIT, National Endowment for the Arts (arts.gov), The Pennsylvania State University and Stevens Institute of Technology,” said Mohit Kumar, editor in chief of The Hacker News.
One reader of the site reported that his website was under siege from heavy DDoS attacks emanating from “various compromised WordPress based websites”. The Hacker News cites figures recently produced by WP WhiteSecurity that showed over 70 per cent of WordPress installations are vulnerable to hackers. It estimates that 30,823 of 42,106 WordPress websites are open to exploitation.
“If you are running WordPress sites, now would be a good time to ensure that strong passwords are always used and that your username should be changed from ‘admin’. Avoid obvious passwords, scan your computer for viruses, keyloggers, rootkits, and botnet software. Most importantly, update WordPress and all plugins to the latest versions,” Kumar added.
A DDoS attack works by slowing or crashing website servers by overloading them with traffic, and such attacks are an easy way for the underground economy to cause as much disruption as possible.
DDoS attacks are over time becoming the hacker’s tool of choice, with the number of attacks rising rapidly over the past year or so. Arbor Networks reported back in July that the first six months of 2013 had seen the number of attacks and the size of each one rise rapidly, and there is no sign of the trend slowing.