Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Infected WordPress Sites Are Attacking Other WordPress Sites
#1
Quote:Researchers identified a widespread campaign of brute force attacks against WordPress websites.

WordPress sites are being targeted in a series of attacks tied to a 20,000 botnet-strong army of infected WordPress websites. Behind the WordPress-on-WordPress assault is a widespread brute-force password attack leveraged through a Russian proxy provider and targeting a developer application program interface (API).

The attacks, first identified by the Defiant Threat Intelligence Team and reported by Wordfence on Wednesday, utilized four command-and-control (C2) servers that in turn send requests to over 14,000 proxy servers tied to a Russian internet firm called Best Proxies, according to the Wordfence.

“[The attackers] use these proxies to anonymize the C2 traffic. The requests pass through the proxy servers and are sent to over 20,000 infected WordPress sites. Those sites are running an attack script which attacks targeted WordPress sites,” wrote Mikey Veenstra, a web security researcher at Wordfence, in a post.


https://threatpost.com/infected-wordpres...es/139666/
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  700,000 WordPress Sites Vulnerable to Takeover, No Fix Available mrtrout 0 103 11-12-2024 , 11:32 PM
Last Post: mrtrout
  Russia Had Access for Months to Ukraine's Largest Telecom Operator Before Attacking mrtrout 0 2,155 01-07-2024 , 06:36 AM
Last Post: mrtrout
  Microsoft Edge gets better security defaults on less popular sites tarekma7 0 896 08-08-2022 , 10:36 AM
Last Post: tarekma7
  Microsoft seizes sites used by APT15 Chinese state hackers mrtrout 0 1,148 12-07-2021 , 11:16 AM
Last Post: mrtrout
  Fake TSA PreCheck sites scam US travelers with fake renewals mrtrout 0 664 11-20-2021 , 11:55 PM
Last Post: mrtrout



Users browsing this thread: 2 Guest(s)