Compromised WordPress blogs used in DDoS attack

Thousands of websites using the WordPress platform are being compromised to form a so-called WordPress botnet, a tech site reported Thursday.

A report on The Hacker News said hackers are targeting a "large number" of WordPress websites across the Internet, after compromising 90,000 servers in April 2012.

Citing logs from a recent attack, The Hacker News' Mohit Kumar said one DDoS target's website was attacked by "various compromised WordPress-based websites."

"(We found the) attacker was able to perform a DDoS attack from 569 unique compromised WordPress blogs. Hacked websites include blogs of Mercury Science and Policy at MIT, National Endowment for the Arts (arts.gov), The Pennsylvania State University and Stevens Institute of Technology," he said.

"This attack is happening at a global level and WordPress instances across hosting providers are being targeted. Since the attack is highly distributed in nature (most of the IPs used are spoofed), it is very difficult to block all malicious data," he added.

He added that an attacker could use large amounts of high-performance hosting to build a much larger botnet.

Kumar cited figures from WP WhiteSecurity showing more than 70 percent of WordPress installations are vulnerable to hackers.

"If you are running WordPress sites, now would be a good time to ensure that strong passwords are always used and that your username should be changed from 'admin,'" he said.

"Avoid Obvious Passwords, Scan your computer for viruses, keyloggers, rootkits, and botnet software. Most importantly, Update WordPress and all plugins to the latest versions," he added. — TJD, GMA News