According to Sucuri, which is a security firm, hackers have used a weakness present in WordPress to use 162,000 of their sites to launch a DDoS attack against a well-known WordPress site whose identity is being kept secret.
The weakness in WordPress that the hackers exploited is one that has been around for some time, and allowed the hackers to gain control of the unsuspecting sites and use them for their own means.
“It was a large HTTP-based (layer 7) distributed flood attack, sending hundreds of requests per second to their server,” said Daniel Cid, who is Sucuri’s chief technology officer, via blog post. “All queries had a random value (like “?4137049=643182?) that bypassed their cache and force a full page reload every single time. It was killing their server pretty quickly.”
Cid also remarked on the possibility of this being the work of only one person.
“Can you see how powerful it can be?” he said in the blog post. “One attacker can use thousands of popular and clean WordPress sites to perform their DDOS attack, while being hidden in the shadows.”