Attack wrangles thousands of web users into a password-cracking botnet

by
Dan Goodin
from Ars Technica - All content on (#6K653)
password-cracking-attack-800x534.jpg

Enlarge (credit: Getty Images)

Attackers have transformed hundreds of hacked sites running WordPress software into command-and-control servers that force visitors' browsers to perform password-cracking attacks.

A web search for the JavaScript that performs the attack showed it was hosted on 708 sites at the time this post went live on Ars, up from 500 two days ago. Denis Sinegubko, the researcher who spotted the campaign, said at the time that he had seen thousands of visitor computers running the script, which caused them to reach out to thousands of domains in an attempt to guess the passwords of usernames with accounts on them.

Visitors unwittingly recruited

This is how thousands of visitors across hundreds of infected websites unknowingly and simultaneously try to bruteforce thousands of other third-party WordPress sites," Sinegubko wrote. And since the requests come from the browsers of real visitors, you can imagine this is a challenge to filter and block such requests."

Read 8 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments