With 20,000 sites swallowed up, a botnet is eating WordPress alive

best wordpress plugins

Hackers controlling a “botnet” of over 20,000 infected WordPress sites are attacking other WordPress sites, according to a report from The Defiant Threat Intelligence team. The botnets attempted to generate up to five million malicious WordPress logins within the past thirty days.

Per the report, the hackers behind this attack are using four command and control servers to send requests to over 14,000 proxy servers from a Russian provider. Those proxies are then used to anonymize traffic and send instructions and a script to the infected WordPress “slave” sites concerning which of the other WordPress sites to eventually target. The servers behind the attack are still online, and primarily target the XML-RPC interface of WordPress to try out a combination of usernames and passwords for admin logins.

“The wordlists associated with this campaign contain small sets of very common passwords. However, the script includes functionality to dynamically generate appropriate passwords based on common patterns … While this tactic is unlikely to succeed on any one given site, it can be very effective when used at scale across a large number of targets,” explains The Defiant Threat Intelligence team.

Attacks on the XML-RPC interface aren’t new and date back to 2015. If you’re concerned that your WordPress account might be impacted by this attack, The Defiant Threat Intelligence team reports that it is best to enable restrictions and lockouts for failed logins. You also can consider using WordPress plugins which protect against brute force attacks, such as the Wordfence plugin.

The Defiant Threat Intelligence team has shared information on the attacks with law enforcement authorities. Unfortunately, ZDNet reports that the four command and control servers can’t be taken offline because they are hosted on a provider that doesn’t honor takedown requests. Still, researchers will be contacting hosting providers identified with the infected slave sites to try and limit the scope of the attack.

Some data has been omitted from the original report on this attack because it can be exploited by others. The use of the proxies also makes it hard to find the location of the attacks, but the attacker made mistakes which allowed researchers to access the interface of the command and control servers behind the attack. All of this information is being deemed as “a great deal of valuable data” for investigators.


You’ll soon be able to scribble all over PDFs on your Chromebook

Chrome OS users may soon be able to doodle all over their PDF documents with the possible addition of a new feature in Chrome OS' PDF viewer. The annotation feature is expected to allow users to hand draw or write over their documents.

Apple's iOS 12.1.1 makes it easier to switch cameras in FaceTime

After months of betas, the final version of iOS 12 is here to download. The latest OS comes along with tons of new capabilities, from grouped notifications to Siri Shortcuts. Here are all the features you'll find in iOS 12.
Movies & TV

'Stranger Things' season 3 teaser reveals the new episodes' titles

With a sophomore season as strong as its first, Stranger Things is now moving on to season 3. Here's everything we've learned so far about the Netflix series' upcoming third season.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.

HDR monitors are beginning to have an impact. Here are the best you can buy

HDR isn't the most common of PC monitor features and is often charged at a premium, but the list of available options is growing. These are the best HDR monitors you can buy right now.
Virtual Reality

Oculus Rift vs. HTC Vive: Prices drop, but our favorite stays the same

The Oculus Rift and HTC Vive are the two big names in the virtual reality arena, but most people can only afford one. Our comparison tells you which is best when you pit the Oculus Rift vs. HTC Vive.

Canada’s winters inspired a startup to warm homes with cryptomining heat waste

Cryptomining may be the key to untold riches and the future of currency, but it’s also an environmental nightmare. Heatmine, thinks it has the answer, but it could mean bolting a mining rig onto every home and business in the country.

Microsoft’s Windows 95 throwback was just an ugly sweater giveaway

Microsoft's "softwear" announcement wasn't what we had hoped for. Thursday's announcement was not the new line of wearable tech or SkiFree monster sweater we wished for. But it did deliver the 90s nostalgia we wanted.
Home Theater

Confused about LED vs. LCD TVs? Here's everything you need to know

Our LED vs. LCD TV buying guide explains why these two common types of displays are fundamentally connected, how they differ, what to look for in buying an LED TV, and what's on the horizon for TVs.

The best MacBook deals for December 2018

If you’re in the market for a new Apple laptop, let us make your work a little easier: We hunted down the best up-to-date MacBook deals available online right now from various retailers.

How to connect AirPods to your MacBook

If you have new AirPods, you may be looking forward to pairing them with your MacBook. Our guide will show you exactly how to connect AirPods to MacBook, what to do if they are already paired with a device, and more.

Hitting ‘Check for updates’ in Windows 10 opts you into beta releases

Users who are careful about keeping their system updated should watch out -- Microsoft revealed this week that clicking the Check for updates button in Windows can opt you in to testing beta code.
Product Review

The Asus ZenBook 14 is a tiny notebook that gets lost in the crowd

The ZenBook 14 aims to be the smallest 14-inch notebook around, and it succeeds thanks to some tiny bezels. Performance and battery life are good, but the notebook lacks a standout feature other than size.

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.