There were massive attempts to breach firewalls last night on multiple WordPress self-hosted websites. The attacks began yesterday evening and continued into the wee hours of the morning March 7-March 8, 2011. Additional attacks flared up again, this afternoon. Last evening those sites had not yet been upgraded to WordPress 3.1 (they are now!) – but had all been updated as of just before that release (about 2 weeks ago). Some are hosted by Godaddy – but not all. Last night’s attempted hacks were all probable Directory Traversal Attacks. Some of this afternoon’s attempted hacks were SQL Injection Attacks. Not surprisingly, almost all originated from two former Eastern bloc countries, Lithuania and Bulgaria. There were about 100 attempts over 22 hours against multiple sites to breach the WP firewalls. None of these succeeded. In addition to upgrading the sites to WordPress 3.1, I also blocked the offending IP addresses in .htaccess. It may or may not be coincidental, but on March 3, 2011, just a few days ago, WordPress.com suffered its “most sustained wave of Distributed Denial of Service Attacks in the site’s 6-year history,” according to its founder, Matt Mullenweg. Three WordPress datacenters, in Chicago, San Antonio and Dallas, were affected. WordPress.com is used by around 10 percent of all websites around the world, and had some of its servers taken offline by these attacks. The servers were up and working normally by the end of the day on March 3, but Mullenweg admitted the attacks “could flare up later” — which they did the very next day, on March 4.
(source: Money.CNN.com )
Tweet
