Results 1 to 1 of 1
-
10th Jul 2014, 03:54 PM #1
WordPress Pingback Feature Used for DDoS Attack in Norway
This week’s disruption of the online services of numerous companies in Norway’s financial sector was possible because of the “pingback” feature in the WordPress platform.
A group of hackers claiming to be part of the Anonymous Norway hacktivist outfit, deployed on Tuesday, July 8, a distributed denial-of-service attack against the online services of multiple Norwegian companies, most of them connected to the financial sector.
According to sources familiar to the matter, who do not wish their identity to be disclosed, the attackers abused the “pingback” feature in WordPress in order to hit the systems of the targeted victims and thus cripple their availability, even if only for a short period of time.
The feature is turned on by default and can be easily abused so that a WordPress website starts sending packets to an assigned victim.
This is far from being a new issue, as a bug ticket about the DDoS risks associated with the WordPress implementation of XML-RPC, used for “pingback” and other features, has been created for the first time in 2007.
Also, the simplicity of the method to carry out an attack leveraging this flaw confirms the theory that the attackers may be script kiddies.
The DDoS focused on targeting layers three (network) and four (transport) of the OSI model, as well as layer seven (application), at the same time.
A layer seven DDoS attack is more difficult to mitigate because it targets the application interface and mimics legitimate behavior. They can target an element on the webpage, and since the requests come from legitimate IP addresses with vulnerable WordPress installations, filtering the traffic is not that easy.
As far as the security of the customer information is concerned, our sources say that they believe that this was nothing else than a distributed denial-of service attack, as no evidence of intrusion attempts was found. However, their investigation is not complete yet.
Sverre Olesen, who is the head of Evry security team, an IT company that provides services for financial organizations in Norway, said to Norwegian publications that this incident was not the largest the company had seen, but it was particular in the fact that it targeted so many victims at the same time.
Among the services affected were those of Norges Bank, Sparebank 1, Storebrand, Gjensidige, Nordea, Danske Bank, and Telenor (the largest telecommunications company in Norway). Other businesses were also affected, including websites of Scandinavian Airlines (SAS) and Norwegian Air.Kepler Reviewed by Kepler on . WordPress Pingback Feature Used for DDoS Attack in Norway http://i1-news.softpedia-static.com/images/news-700/WordPress-Pingback-Feature-Used-for-DDoS-Attack-in-Norway.jpg This week’s disruption of the online services of numerous companies in Norway’s financial sector was possible because of the “pingback” feature in the WordPress platform. A group of hackers claiming to be part of the Anonymous Norway hacktivist outfit, deployed on Tuesday, July 8, a distributed denial-of-service attack against the online services of multiple Norwegian Rating: 5
Sponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
Block DoS/DDoS attacks using IPTables in SSH
By DXS in forum Tutorials and GuidesReplies: 21Last Post: 27th May 2012, 03:20 PM -
Man jailed for chainsaw attack in Hull pub
By Sp32 in forum News & Current EventsReplies: 3Last Post: 15th Feb 2012, 07:52 AM -
Protection for DDoS Attacks
By mannNmeet in forum Webmaster DiscussionReplies: 45Last Post: 10th Nov 2011, 06:10 AM -
wordpress -phpbb bridge, what is bridge in it..?why it is used for..?
By torrfriend in forum Webmaster DiscussionReplies: 4Last Post: 10th Aug 2011, 08:34 PM -
What are the best plugins to use for a anime wordpress site?
By ngecity.com in forum Webmaster DiscussionReplies: 2Last Post: 18th Jan 2011, 10:34 PM
themaCreator - create posts from...
Version 3.24 released. Open older version (or...