DDoS attack is launched from 162,000 WordPress sites

Using unsuspecting WordPress sites as amplification vectors, a hacker takes down a popular Web site for hours.

internet5610x426.jpg

With some old-fashioned trickery, hackers were able to get more than 162,000 legitimate WordPress-powered Web sites to mount a distributed-denial-of-service attack against another Web site, security researchers said Monday.

Security firm Sucuri said hackers leveraged a well-known flaw in WordPress that allows an attack to be amplified by harnessing unsuspecting Web sites. It's unclear which site was the victim of the cyberattack but Sucuri said it was a "popular WordPress site" that went down for many hours.

"It was a large HTTP-based (layer 7) distributed flood attack, sending hundreds of requests per second to their server," Sucuri chief technology officer Daniel Cid said in a blog post. "All queries had a random value (like "?4137049=643182?) that bypassed their cache and force a full page reload every single time. It was killing their server pretty quickly."

While hundreds of requests per second don't seem that big when looking at other recent DDoS attacks -- like the ones against Namecheap and a CloudFlare customer last month that reached volumes from 100 gigabits per second to 400 gigabits per second -- Cid said this attack is still remarkable since it could have originated from just one person.

"Can you see how powerful it can be?" he wrote. "One attacker can use thousands of popular and clean WordPress sites to perform their DDOS attack, while being hidden in the shadows."

(Via Ars Technica).

About the author

Dara Kerr, a freelance journalist based in the Bay Area, is fascinated by robots, supercomputers and Internet memes. When not writing about technology and modernity, she likes to travel to far-off countries.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Delete your photos by mistake?

Whether you've deleted everything on your memory card or there's been a data corruption, here's a way to recover those photos.