Home page logo
/

nanog logo nanog mailing list archives

Re: Fwd: [ PRIVACY Forum ] Huge attack on WordPress sites could spawn never-before-seen super botnet
From: Mike Hale <eyeronic.design () gmail com>
Date: Fri, 12 Apr 2013 20:16:26 -0700

I don't know if it's related, but Linode sent out an email earlier
that all account passwords (for all customers) must be reset.
Apparently one of their customers was succesfully exploited, and out
of an abundance of caution, they acting as if the attackers got the
Linode password hashes.

On Fri, Apr 12, 2013 at 8:11 PM, Cody Robertson <cody () hawkhost com> wrote:
We're seeing heavy amounts of traffic / attacks as well - it's definitely
not isolated to a single provider / range.

There are articles from HostGator, CloudFlare, Techcrunch and several
others.

http://blog.hostgator.com/2013/04/11/global-wordpress-brute-force-flood/
http://blog.cloudflare.com/patching-the-internet-fixing-the-wordpress-br
http://techcrunch.com/2013/04/12/hackers-point-large-botnet-at-wordpress-sites-to-steal-admin-passwords-and-gain-server-access/


On 04/12/2013 11:02 PM, Jay Ashworth wrote:

FYI.  Am I the only person just hearing about this?

----- Forwarded Message -----

From: "PRIVACY Forum mailing list" <privacy () vortex com>
Huge attack on WordPress sites could spawn never-before-seen super
botnet

http://j.mp/ZRZksL (ars technica)

"The unknown people behind the highly distributed attack are using
more
than 90,000 IP addresses to brute-force crack administrative
credentials of vulnerable WordPress systems, researchers from at least
three Web hosting services reported. At least one company warned that
the attackers may be in the process of building a "botnet" of infected
computers that's vastly stronger and more destructive than those
available today. That's because the servers have bandwidth connections
that that are typically tens, hundreds, or even thousands of times
faster than botnets made of infected machines in homes and small
businesses."

- - -

Up in the Net! It's a bug! It's a phish! It's SUPER-botnet!

--Lauren--
Lauren Weinstein (lauren () vortex com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility:
http://www.pfir.org/pfir-info
Founder:
- Network Neutrality Squad: http://www.nnsquad.org
- PRIVACY Forum: http://www.vortex.com/privacy-info
- Data Wisdom Explorers League: http://www.dwel.org
- Global Coalition for Transparent Internet Performance:
http://www.gctip.org
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://vortex.com/g+lauren / Twitter:
http://vortex.com/t-lauren
Tel: +1 (818) 225-2800 / Skype: vortex.com

_______________________________________________
privacy mailing list
http://lists.vortex.com/mailman/listinfo/privacy






-- 
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault