
Attack on WordPress sites could create super BotNet


One of the biggest fears of using any "off the shelf" software, paid or otherwise, is that someone will find a flaw and exploit it for something that wasn't intended. As many of us know, hackers target the largest install base, since that is where they can get the most reward, and in the web world that starts with servers (Web, Email, FTP, etc.) and moves down to software like PHPBB, vBulletin, WordPress, Joomla, Drupal, etc.

Some of the allure is that these programs are open source, which gives hackers plenty of ammo for finding security holes, but also that much of the web is run using those software pieces.

Security analysts have detected an ongoing attack that uses a huge number of computers from across the Internet to commandeer servers that run the WordPress blogging application.

The unknown people behind the highly distributed attack are using more than 90,000 IP addresses to brute-force crack administrative credentials of vulnerable WordPress systems, researchers from at least three Web hosting services reported. At least one company warned that the attackers may be in the process of building a "botnet" of infected computers that's vastly stronger and more destructive than those available today. That's because the servers have bandwidth connections that are typically tens, hundreds, or even thousands of times faster than botnets made of infected machines in homes and small businesses.

"These larger machines can cause much more damage in DDoS [distributed denial-of-service] attacks because the servers have large network connections and are capable of generating significant amounts of traffic," Matthew Prince, CEO of content delivery network CloudFlare, wrote in a blog post describing the attacks.
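An added example, not part of the original post or the Ars report: a sketch of why a per-IP lockout misses a login attack spread across many addresses, and how counting failed logins per site per minute catches it. The log lines are constructed, and the thresholds and the rule that a failed WordPress login is a `POST /wp-login.php` answered with HTTP 200 are assumptions for illustration.

```python
import re
from collections import defaultdict

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

def build_sample():
    """Constructed access-log lines (combined format); not real traffic."""
    fmt = ('{ip} - - [12/Apr/2013:10:{mm:02d}:{ss:02d} +0000] '
           '"{req} HTTP/1.1" {st} 3512 "-" "Mozilla/5.0"')
    lines = []
    for i in range(1, 41):            # 40 sources, 2 failed logins each, same minute
        for k in range(2):
            lines.append(fmt.format(ip=f"198.51.100.{i}", mm=0, ss=(i + k) % 60,
                                    req="POST /wp-login.php", st=200))
    for k in range(8):                # one source guessing alone, later minute
        lines.append(fmt.format(ip="203.0.113.7", mm=5, ss=k,
                                req="POST /wp-login.php", st=200))
    lines.append(fmt.format(ip="192.0.2.10", mm=0, ss=30,
                            req="POST /wp-login.php", st=302))   # successful login
    lines.append(fmt.format(ip="192.0.2.11", mm=0, ss=31, req="GET /", st=200))
    return "\n".join(lines)

def analyze(log_text, per_ip_limit=5, site_limit=50):
    """Return (IPs over the per-IP limit, minutes over the site-wide limit)."""
    per_ip = defaultdict(int)      # (minute, ip) -> failed logins
    sources = defaultdict(set)     # minute -> distinct source IPs
    totals = defaultdict(int)      # minute -> failed logins from all sources
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, ts, method, path, status = m.groups()
        # Assumption: a failed login is a POST to /wp-login.php answered with 200.
        if (method, path.split("?")[0], status) != ("POST", "/wp-login.php", "200"):
            continue
        minute = ts[:17]           # e.g. "12/Apr/2013:10:00"
        per_ip[(minute, ip)] += 1
        totals[minute] += 1
        sources[minute].add(ip)
    noisy_ips = sorted({ip for (_, ip), n in per_ip.items() if n > per_ip_limit})
    distributed = {minute: {"failures": totals[minute], "sources": len(ips)}
                   for minute, ips in sources.items() if totals[minute] > site_limit}
    return noisy_ips, distributed

if __name__ == "__main__":
    noisy, distributed = analyze(build_sample())
    print("per-IP rule flags:", noisy)
    print("site-wide rule flags:", distributed)
```

On the constructed sample the per-IP rule flags only the single noisy address, while the 40 addresses that each stay under the per-IP limit show up only in the site-wide count.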

Tasty target indeed. Be sure to check out the source of the Ars news posting and read some of the replies. I almost busted up.

What is worse is that everything seems to be a big phjear tactic to enable monitoring software.

Related Web URL: http://arstechnica.com/security/2013/04/huge-attac...