Originally published at: http://boingboing.net/2017/04/12/port-7547.html
…
3 Likes
So why is WordPress in particular targeted? I can’t imagine switching from it would stop botnets
2 Likes
It(especially when combined with a generous pile of plugins) has a poor reputation for security, and is commonly deployed by people who are a trifle out of their depth; but onto servers, or at least VPSes, that provide more bandwidth and better uptime than compromised residential stuff.
People would move on to something else if it went away; but it is currently considered a great pick if you are looking for internet-facing servers with known vulnerabilities and admins who probably aren’t paying enough attention.
(Edit: also, “Wordfence” probably has a rather specific focus, so regardless of the overall rank of WordPress vs other stuff, their reports probably remain focused on WordPress. Which isn’t a bad thing, it needs the help; but if these routers spend the rest of the month attacking other stuff, they might we’ll have no way of knowing.)
4 Likes
Seems like Zyxel could use the vulnerability to patch their own routers.
3 Likes
Powers approximately 25% of the web. Wordfence makes a tool for protecting Wordpress so as @fuzzyfungus said it is their primary focus and their Web Application Firewall for wordpress is how they are gathering data on these attacks.
Edit: Oh and their security newsletter is excellent. I’ve been subscribed for some time. If you have a wordpress site or develop wordpress sites it is a must read.
1 Like
Because idiot sysops don’t patch their damn Wordpress installations and plugins. See the rash of MongoDB attacks for examples of bad defaults, idiot administrators, and the resulting carnage.
1 Like
This topic was automatically closed after 5 days. New replies are no longer allowed.
