Admin

Wordpress Hacker Bot Surge - Trojan/Zombie/Botnet WordPress Spam Blogs

By
Services for Real Estate Pros with MyST Technology Partners

Hey folks - as many of you already know, I'm not a Wordpress fan (i.e., bias - MyST Blogsite), but I am a fan of stopping hackers and other nefarious web activity that threatens businesses.

While reviewing some real time tada a few minutes ago, I noticed more than 400 Wordpress Hacker Bots attacking one of our server banks just in the last 10 minutes. Thankfully we have some very sophisticated defense systems that protect our blogsite clients, but most Wordpress sites are unable to defend against security breaches that are reident in Wordpress to begin with.

I've read many posts on AR where folks using Wordpress are particularly angry about being hacked, but I have a hunch that Wordpress itself is a big part of the problem.

Perhaps (as a group) you should look carefully at your server logs and see what services are actually running lots of outbound requests and where they are going. I suspect those of you that are unknowingly harboring this threat might be able to apply a security patch or correction to remove this nasty beast. Kevin Burton didn't have a fix back in March, but he did know what it was - Trojan/ZombieBotnet.

The data below shows a pattern representing more than 2 million requests in one day by more than 3,000 total bots hitting just one of our many servers. This is up more than 50% in the last few days, so this trojan worm seems to be spreading and it's doing so on many versions of Wordpress. Read more about compromised Wordpress blogs.