Performancing Metrics

Over 160,000 WordPress Sites Used as Zombies in DDoS Attacks

Are you running WordPress like us? Do you make it a point to update to the latest version as soon as it’s out? If not, then maybe you should.

In a recent massive attack, more than 160,000 WordPress sites were hijacked and used to launch “a large HTTP-based (layer 7) distributed flood attack against a target”. These were legitimate WordPress sites that were abused for the attack, so yours could actually have been one of them!
Security firm Sucuri was brought in to investigate and stop the DDoS attacks, and what they found was that the WordPress sites being abused were the ones that allowed pingbacks.

Now you know that this option is turned on by default, so unless you disable pingbacks on your blog, your site could be abused as well. Alternatively, upgrade to the latest WordPress version now, or find another solution, such as the plugin Sucuri conveniently has ready for you. ;)

Sucuri CTO Daniel Cid says:

Any WordPress site with Pingback enabled (which is on by default) can be used in DDOS attacks against other sites. Note that XMLRPC is used for pingbacks, trackbacks, remote access via mobile devices and many other features you’re likely very fond of. But, it can also be heavily misused like what we are seeing.

If you want more technical details about how the DDoS attacks were carried out, you’ll find them in Sucuri’s blog post.
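As an added example (not code from the original post or from Sucuri), the following Python script shows how the target of such a flood can spot it in its own web server access log. Each abused WordPress site fetches the target URL while verifying the spoofed pingback, sending a User-Agent of the form `WordPress/<version>; <site URL>` (newer releases append `; verifying pingback from <ip>`), so many distinct WordPress sites requesting the same path within a short window is the signature. The log lines, site names and thresholds are constructed.

```python
# Added example: spot a WordPress pingback flood from the target's access log.
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache/Nginx "combined" log format; the User-Agent is the last quoted field.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# Pingback verification fetch: "WordPress/3.8.1; http://reflector.example[; verifying pingback from <ip>]"
PINGBACK_UA_RE = re.compile(r'^WordPress/[\d.]+; (?P<site>https?://[^;\s]+)')

def parse_line(line):
    """Parse one log line; 'reflector' is the abused WordPress site's URL, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    ua = PINGBACK_UA_RE.match(rec["ua"])
    rec["reflector"] = ua.group("site") if ua else None
    return rec

def find_pingback_floods(lines, window=timedelta(seconds=60), min_reflectors=3):
    """Return {path: peak number of distinct WordPress sites} for every path that
    at least `min_reflectors` different sites fetched via pingback within `window`."""
    hits = defaultdict(list)  # path -> [(timestamp, reflector site)]
    for line in lines:
        rec = parse_line(line)
        if rec and rec["reflector"] and rec["method"] == "GET":
            hits[rec["path"]].append((rec["ts"], rec["reflector"]))
    floods = {}
    for path, events in hits.items():
        events.sort()
        for i, (start, _) in enumerate(events):  # slide the window over each start
            sites = {site for ts, site in events[i:] if ts - start <= window}
            if len(sites) >= min_reflectors:
                floods[path] = max(floods.get(path, 0), len(sites))
    return floods

SAMPLE_LOG = [  # constructed lines, not real traffic: three sites hammer "/", one legit pingback
    '203.0.113.10 - - [10/Mar/2014:12:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "WordPress/3.8.1; http://blog-a.example"',
    '203.0.113.11 - - [10/Mar/2014:12:00:02 +0000] "GET / HTTP/1.1" 200 5120 "-" "WordPress/3.7; http://blog-b.example; verifying pingback from 198.51.100.5"',
    '203.0.113.12 - - [10/Mar/2014:12:00:03 +0000] "GET / HTTP/1.1" 200 5120 "-" "WordPress/3.8; http://blog-c.example"',
    '203.0.113.10 - - [10/Mar/2014:12:00:04 +0000] "GET / HTTP/1.1" 200 5120 "-" "WordPress/3.8.1; http://blog-a.example"',
    '198.51.100.7 - - [10/Mar/2014:12:00:05 +0000] "GET /2014/03/post/ HTTP/1.1" 200 7000 "-" "WordPress/3.8.1; http://blog-d.example"',
    '192.0.2.9 - - [10/Mar/2014:12:00:06 +0000] "GET /about/ HTTP/1.1" 200 3000 "-" "Mozilla/5.0"',
]
```

Running `find_pingback_floods(SAMPLE_LOG)` flags `/` with three distinct reflector sites (the repeat from blog-a counts once), while the single legitimate pingback fetch of the post is left alone.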

If you want to know whether your blog is being used to attack others, you can use Sucuri’s checker; you simply type in your URL.

Categories: News


  1. IBN says: 3/17/2014

    Your article is very good.


  2. Dean Saliba says: 3/26/2014

    It is rather scary how easily most of these blogs are taken over. Thankfully my web host put in place two captchas to be completed in order to get access to the admin login page, which has kept all of mine safe. Updating to the latest version and keeping an eye on the abandoned and poorly written plugins is also important.

    Recently my host has been asking me to delete the XMLRPC.php file from WordPress as these hackers are trying to get in through this file as well.

