|12 Mar 2014||#1|
| || |
Attackers trick 162,000 WordPress sites into launching DDoS attack
Security researchers have uncovered a recent distributed denial-of-service (DDoS) attack that used at least 162,000 WordPress-powered websites to knock another site offline.
The technique made it possible for an attacker with modest resources to greatly amplify the bandwidth at its disposal. By sending spoofed Web requests in a way that made them appear to come from the target site, the attacker was able to trick the WordPress servers into bombarding the target with more traffic than it could handle. Besides causing such a large number of unsuspecting sites to attack another one, the attack is notable for targeting XML-RPC, a protocol the sites running WordPress and other Web applications use to provide services such as pingbacks, trackbacks, and remote access to some users.
Researchers from security firm Sucuri recently counted more than 162,000 legitimate WordPress sites hitting a single customer website. They suspect they would have seen more if they hadn't ended the attack by blocking the requests.
|My System Specs|
|Similar help and support threads for2: Attackers trick 162,000 WordPress sites into launching DDoS attack|
|DDoS Attack, Changed IPs Still Under Attack||System Security|
|Huge attack on WordPress sites could spawn never-before-seen super bot||Security News|
|30,000 Wordpress Sites Infected to Redirect to Fake AV Sites||Security News|
|Help Want Ask about DDoS Attack Characteristic at Windows 7||System Security|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 03:31 AM.