A graduate seminar: current topics in computer security
 

Using WordPress? Be Careful…

It was reported that, in the course of a massive cyber-attack coordinated through a huge botnet against millions of websites based on the popular CMS WordPress, around 100,000 servers were successfully compromised, fueling the malicious architecture used for the attack. Thousands of WordPress-based websites have been hacked to form a global-scale botnet that is performing powerful DDoS attacks.

The news was reported by CloudFlare and HostGator, which in April alerted the WordPress community to the ongoing massive attack launched against WordPress blogs all over the Internet. The alert concerned a massive brute-force, dictionary-based attack aimed at exposing the password of the ‘admin’ account on every WordPress site.

In August 2013, researchers at Arbor Networks discovered a botnet dubbed Fort Disco that was used to compromise more than 6,000 websites based on popular CMSs such as WordPress, Joomla and DataLife Engine.

Case Study:

Pierluigi Paganini is Chief Information Security Officer at Bit4Id, a leading firm in identity management; he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at “Cyber Defense Magazine”, Pierluigi is a cyber-security expert with over 20 years’ experience in the field and a Certified Ethical Hacker (EC-Council, London). His colleagues at TheHackerNews received a DDoS attack log report from ‘Steven Veldkamp’ showing that the victim’s website had recently been under heavy DDoS attack originating from numerous compromised WordPress-based websites. It is highly probable that this ongoing attack is linked to the events of April that allowed attackers to take control of a large number of vulnerable WordPress hosts.

The attack logs, spanning 23/Sep/2013:13:03:13 +0200 to 23/Sep/2013:13:02:47 +0200, revealed that in just 26 seconds the attacker was able to perform a powerful DDoS attack from 569 unique compromised WordPress hosts.
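As an added example (not from the original post or the article it cites), the Python script below parses Apache combined-format access log lines and does two things a site owner facing the events above would want: it reports how many distinct source addresses took part in a burst and how long the burst lasted (the 569 hosts in 26 seconds figure), and it flags sources that repeat POSTs to /wp-login.php within a short window, which is the footprint of the dictionary attack on the ‘admin’ account described earlier. The log lines are constructed for the example; the threshold and window sizes are assumptions to tune per site.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log (not from the article), Apache combined format.
# 203.0.113.10 hammers the login form; 198.51.100.7 logs in once (302 = success);
# 192.0.2.x only fetch the front page. First and last timestamps are 26 s apart.
SAMPLE_LOG = """\
203.0.113.10 - - [23/Sep/2013:13:02:47 +0200] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
192.0.2.5 - - [23/Sep/2013:13:02:47 +0200] "GET / HTTP/1.1" 200 10240 "-" "Mozilla/5.0"
203.0.113.10 - - [23/Sep/2013:13:02:48 +0200] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
192.0.2.6 - - [23/Sep/2013:13:02:49 +0200] "GET / HTTP/1.1" 200 10240 "-" "Mozilla/5.0"
203.0.113.10 - - [23/Sep/2013:13:02:49 +0200] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
198.51.100.7 - - [23/Sep/2013:13:02:50 +0200] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.10 - - [23/Sep/2013:13:02:50 +0200] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
192.0.2.7 - - [23/Sep/2013:13:02:52 +0200] "GET / HTTP/1.1" 200 10240 "-" "Mozilla/5.0"
203.0.113.10 - - [23/Sep/2013:13:02:51 +0200] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
198.51.100.7 - - [23/Sep/2013:13:02:53 +0200] "GET /wp-admin/ HTTP/1.1" 200 18000 "-" "Mozilla/5.0"
203.0.113.10 - - [23/Sep/2013:13:02:52 +0200] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
192.0.2.5 - - [23/Sep/2013:13:03:13 +0200] "GET / HTTP/1.1" 200 10240 "-" "Mozilla/5.0"
"""

# Fields of the combined log format we need: client address, timestamp,
# request method and path, and the response status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_log(text):
    """Turn raw log text into a list of dicts; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        entries.append({
            "ip": m["ip"],
            "time": datetime.strptime(m["time"], "%d/%b/%Y:%H:%M:%S %z"),
            "method": m["method"],
            "path": m["path"],
            "status": int(m["status"]),
        })
    return entries


def source_summary(entries):
    """(distinct source addresses, seconds between first and last request)."""
    if not entries:
        return 0, 0.0
    times = [e["time"] for e in entries]
    return len({e["ip"] for e in entries}), (max(times) - min(times)).total_seconds()


def flag_bruteforce(entries, threshold=5, window_seconds=10):
    """Sources with >= threshold failed login POSTs inside any window_seconds span.

    WordPress answers a failed login by re-rendering the form (HTTP 200) and a
    successful one with a redirect (302), so 302 responses are not counted.
    Returns {ip: highest number of attempts seen in one window}.
    """
    attempts = defaultdict(list)
    for e in entries:
        if e["method"] == "POST" and e["path"].startswith("/wp-login.php") and e["status"] != 302:
            attempts[e["ip"]].append(e["time"])

    flagged = {}
    for ip, times in attempts.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            # slide the window start forward until it fits within window_seconds
            while (times[end] - times[start]).total_seconds() > window_seconds:
                start += 1
            count = end - start + 1
            if count >= threshold:
                flagged[ip] = max(flagged.get(ip, 0), count)
    return flagged


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    hosts, span = source_summary(entries)
    print(f"{hosts} distinct sources over {span:.0f} seconds")
    for ip, n in flag_bruteforce(entries).items():
        print(f"possible dictionary attack from {ip}: {n} failed logins in one window")
```

On a real server the script would read the web server's access log instead of `SAMPLE_LOG`; the flagged addresses are candidates for rate limiting or a temporary block, and a large distinct-source count inside a short span is the signal that the traffic is a distributed flood rather than a single misbehaving client.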

The list of sources used by attackers includes blogs of Mercury Science and Policy at MIT, Stevens Institute of Technology and The Pennsylvania State University.

According to statistics from WP WhiteSecurity, of the 40,000+ WordPress websites in the Alexa Top 1 Million, more than 70% of installations are vulnerable to hacker attacks.

The statistics are as follows.

After analysis of the Alexa top 1 million sites, 42,106 WordPress websites were found among them. Of these, more than 50% are running old versions of WordPress that are vulnerable to attacks. Less than 5% of the websites upgraded to version 3.6.1 between the 12th and the 15th of September.

I think that if you are using any third-party infrastructure, it is always your responsibility to keep it updated and secure. Otherwise it will create problems not only for you but for the whole Internet. As many simple hacking tools are freely available over the Internet, and many YouTube videos and websites teach simple attacks, we should at least make sure to keep our websites strong against such attacks. WordPress owners should first update to version 3.6.1 and keep checking for newer releases.
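The recommendation above is easy to check automatically. As an added example (not part of the original post), the Python snippet below reads the `$wp_version` assignment that WordPress keeps in `wp-includes/version.php`, normalises the version string and reports whether the install is behind the 3.6.1 baseline the post mentions. The `version.php` excerpt is constructed for the example; `RECOMMENDED` is a parameter the site owner should raise as newer releases appear.

```python
import os
import re

# Baseline from the post; bump this as newer releases come out.
RECOMMENDED = "3.6.1"

# Constructed excerpt of wp-includes/version.php (real installs define $wp_version there).
SAMPLE_VERSION_PHP = """<?php
/**
 * The WordPress version string
 */
$wp_version = '3.5.2';
"""

VERSION_RE = re.compile(r"\$wp_version\s*=\s*['\"]([^'\"]+)['\"]\s*;")


def extract_wp_version(php_source):
    """Return the version string assigned to $wp_version, or raise if absent."""
    m = VERSION_RE.search(php_source)
    if not m:
        raise ValueError("no $wp_version assignment found")
    return m.group(1)


def version_key(version):
    """'3.6.1-RC1' -> (3, 6, 1); '3.6' -> (3, 6, 0) so comparisons are numeric."""
    core = version.split("-")[0]
    parts = [int(p) for p in core.split(".") if p.isdigit()]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_outdated(installed, minimum=RECOMMENDED):
    return version_key(installed) < version_key(minimum)


def check_install(php_source, minimum=RECOMMENDED):
    """Summarise the state of one install from the contents of its version.php."""
    installed = extract_wp_version(php_source)
    return {
        "installed": installed,
        "minimum": minimum,
        "outdated": is_outdated(installed, minimum),
    }


def check_install_path(wp_root, minimum=RECOMMENDED):
    """Same check, reading version.php from a WordPress document root on disk."""
    path = os.path.join(wp_root, "wp-includes", "version.php")
    with open(path, encoding="utf-8") as fh:
        return check_install(fh.read(), minimum)


if __name__ == "__main__":
    result = check_install(SAMPLE_VERSION_PHP)
    state = "OUTDATED" if result["outdated"] else "ok"
    print(f"WordPress {result['installed']} (minimum {result['minimum']}): {state}")
```

Run `check_install_path("/var/www/html")` (or wherever the site lives) from cron and alert on `outdated`; the same parser works across many hosts if you collect each site's `version.php` centrally.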

Reference: http://securityaffairs.co/wordpress/18081/cyber-crime/wordpress-websites-ddos.html
