162,000 vulnerable WordPress websites abused to perform DDoS Attack
DDoS attacks are a growing issue facing by governments and businesses. In a recent attack, thousands of legitimate WordPress websites have been hijacked by hackers, without the need for them to be compromised. Instead, the attackers took advantage of an existing WordPress vulnerability (CVE-2013-0235) - āPingback Denial of Service possibilityā.
According to security company Sucuri, in a recent amplification attack more than 162,000 legitimate WordPress sites were abused to launch a large-scale ddos attack.
The attack exploited an issue with the XML-RPC (XML remote procedure call) of theĀ WordPress,Ā useĀ to provide services such asĀ Pingbacks, trackbacks, which allows anyone to initiate a request from WordPress to an arbitrary site.
The functionality should be used to generate cross references between blogs, but it can easily be used for a single machine to originate millions of requests from multiple locations.
"Any WordPress site with XML-RPC enabled (which is on by default) can be used in DDoS attacks against other sites,ā Sucuri researcherĀ said in the blog post.
The Pingback mechanism has been known to be a security risk for some time. XML-RPC is enabled by default on WordPress and websites with no protection mechanism are vulnerable to this attack.
[adsense size='2']
Gloss