162,000 legitimate WordPress websites used to launch DDoS attacks

Legitimate websites help lend a hand in organized DDoS attacks

By: Michael Hatamoto | Hacking & Security News | Posted: Mar 12, 2014 9:20 am

Comment | Email to a Friend | Font Size: A A

Legitimate WordPress sites can be compromised and turned into a weapon to use as part of a distributed denial-of-service (DDoS) attack, according to security researchers. A HTTP-based distributed flood attack from more than 162,000 attacks recently brought down a larger site, with the victim WordPress site forced offline due to a tremendous amount of traffic.

162_000_legitimate_wordpress_websites_used_to_launch_ddos_attacks_01

Compromised websites likely didn't realize they were hijacked and used as part of the attack, though administrators can search for XML-RPC "POST" requests in website logs.

"Any WordPress site with XML-RPC enabled (which is on by default) can be used in DDoS attacks against other sites," said Daniel Cid, Sucuri CTO, wrote in a blog post. "Note that XML-RPC is used for pingbacks, trackbacks, remote access via mobile devices and many other features you're likely very fond of."

The affected site was allegedly targeted by a rival, though because the perpetrator was hiding behind so many WordPress websites, it's hard to prove responsibility.

NEWS SOURCES:Scmagazine.com