Skip to main content
  1. Home
  2. Computing
  3. News

With 20,000 sites swallowed up, a botnet is eating WordPress alive

By
Image used with permission by copyright holder

Hackers controlling a “botnet” of over 20,000 infected WordPress sites are attacking other WordPress sites, according to a report from The Defiant Threat Intelligence team. The botnets attempted to generate up to five million malicious WordPress logins within the past thirty days.

Per the report, the hackers behind this attack are using four command and control servers to send requests to over 14,000 proxy servers from a Russian provider. Those proxies are then used to anonymize traffic and send instructions and a script to the infected WordPress “slave” sites concerning which of the other WordPress sites to eventually target. The servers behind the attack are still online, and primarily target the XML-RPC interface of WordPress to try out a combination of usernames and passwords for admin logins.

Recommended Videos

“The wordlists associated with this campaign contain small sets of very common passwords. However, the script includes functionality to dynamically generate appropriate passwords based on common patterns … While this tactic is unlikely to succeed on any one given site, it can be very effective when used at scale across a large number of targets,” explains The Defiant Threat Intelligence team.

Related

Attacks on the XML-RPC interface aren’t new and date back to 2015. If you’re concerned that your WordPress account might be impacted by this attack, The Defiant Threat Intelligence team reports that it is best to enable restrictions and lockouts for failed logins. You also can consider using WordPress plugins which protect against brute force attacks, such as the Wordfence plugin.

The Defiant Threat Intelligence team has shared information on the attacks with law enforcement authorities. Unfortunately, ZDNet reports that the four command and control servers can’t be taken offline because they are hosted on a provider that doesn’t honor takedown requests. Still, researchers will be contacting hosting providers identified with the infected slave sites to try and limit the scope of the attack.

Some data has been omitted from the original report on this attack because it can be exploited by others. The use of the proxies also makes it hard to find the location of the attacks, but the attacker made mistakes which allowed researchers to access the interface of the command and control servers behind the attack. All of this information is being deemed as “a great deal of valuable data” for investigators.

Editors’ Recommendations

Topics
Arif Bacchus
Arif Bacchus
Former Digital Trends Contributor
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Early Black Friday External Hard Drive and Portable SSD Deals
Digital Trends Best Black Friday External Hard Drive Deals

Update 11/13/24:With Black Friday rapidly approaching, we're doing our best to keep up with all the best external hard drive deals that have been coming out. To that end, we've updated these deals with a few more options, as well as updated pricing. Also, its very much worth checking back as we find more and better deals to add to this article!

Early Black Friday deals are popping up all over the place, with things like Black Friday Dell laptop deals, Black Friday gaming laptop deals, Black Friday tablet deals, and Black Friday desktop PC deals offering some hefty discounts. If you’ve had your eye on any of these, you may also want to consider an external hard drive for some additional storage space. There are several Black Friday external hard drive deals worth taking a look at, and we’ve rounded up the best of them below. Read onward for all of the details, as well as some information on things to look out for if you plan to purchase an external hard drive while these Black Friday deals are taking place.
Crucial X6 SE 1TB external SSD — $80 $100 20% off

Read more
MacBook Pro 16 vs. MacBook Pro 14: here’s which M4 you should buy
The MacBook Pro 16-inch on a table.

MacBook Pros are some of the best laptops money can buy. With the M4 chip now onboard, these laptops have never been so powerful, and the update brings some interesting upgrades, such as the improved 12-megapixel webcam and brighter screen. They're the best MacBooks that have ever been made, and it's a perfect time to pick one up based on upgrade timing.

But just because the entire MacBook Pro lineup is better now, that doesn't mean it's any easier to choose between the two size options that are available. Despite the fact that they include many of the same features, the 14-inch MacBook Pro and 16-inch MacBook Pro feel like entirely different systems due to their contrast in size.

Read more
The brain-computer interface revolution is just getting started
tech for change brain computer interface who its bxcxfghw

Whether it's jacking into the Matrix or becoming a Na'avi in Avatar, connecting brains to computers is a science-fiction trope that I never thought I'd see become a reality. But increasingly, BCIs (brain-computer interfaces) have become a serious area of study in research labs, rapidly advancing from research labs to real human trials -- perhaps most famously by the Elon Musk's company Neuralink.

While this promises individuals with disabilities a greater degree of freedom and control, along with potential applications in gaming and health care, significant technical, ethical, and regulatory challenges remain. But the more I dug into the topic, the more I found leaders and researchers rising to the occasion to lead us responsibly into the future of the this groundbreaking technology.
What is a brain-computer interface?
Alvin Lucier: Music for Solo Performer (1965)

Read more