Welcome to Esato.com




Attackers trick 162,000 WordPress sites into launching DDoS attack


Click to view updated thread with images




Posted by tranced
Security researchers have uncovered a recent distributed denial-of-service (DDoS) attack that used at least 162,000 WordPress-powered websites to knock another site offline.

The technique made it possible for an attacker with modest resources to greatly amplify the bandwidth at its disposal. By sending spoofed Web requests in a way that made them appear to come from the target site, the attacker was able to trick the WordPress servers into bombarding the target with more traffic than it could handle. Besides causing such a large number of unsuspecting sites to attack another one, the attack is notable for targeting XML-RPC, a protocol the sites running WordPress and other Web applications use to provide services such as pingbacks, trackbacks, and remote access to some users.


Read more...


Click to view updated thread with images


© Esato.com - From the Esato mobile phone discussion forum