Doc’s WordPress News Drop is a weekly report on the most pressing WordPress news. When the news drops, I will pick it up and deliver it right to you.
Ever wonder what hackers hope to achieve after gaining control of a site? Wordfence just published a fantastic article about how one very prolific group of hackers was using WordPress sites to drive traffic to counterfeit NFL sportswear. We talk about that analysis and more in this week’s video.
Love WordPress News, but hate reading? This is Doc Pop’s News Drop.
I finally installed Sucuri a few weeks back and immediately started receiving email notifications about failed sign-in attempts from unknown users around the world.
I checked with experts and was told that my site probably wasn’t a specific target. In fact, if you have Wordfence or Sucuri installed, you’ve probably seen these emails too.
It’s just a fact of life that bots are constantly crawling the web looking to access sites with weak passwords; we just don’t usually realize it’s even happening until we’ve been hacked. But these constant email reminders got me wondering why these hackers go through all the trouble.
Last week, Wordfence published an article that helped answer that question.
In an in-depth analysis of one very prolific brute force attacker, Wordfence showed that hacked sites were being used to send traffic to a series of clothing sites that sold counterfeit sports apparel. Wordfence cleverly nicknamed the criminals behind these attacks: The JerseyShore.
As I mentioned before, the volume of brute force attacks on WordPress sites is already high, but Wordfence noticed nearly two million brute force attacks in a week that all came from just one IP address. This IP was owned by an organization called PSL, which has had a long history of using these brute force attacks before.
Previously, PSL used these types of attacks to gain access to WordPress sites and use them to drive traffic to bootlegged World Of Warcraft gear, amongst other things.
You can read the full details on Wordfence’s blog, but this paragraph really sums it up nicely:
What we have shown here is that a criminal organization selling counterfeit sports apparel is engaging in spam to promote their retail websites. In addition to spam, we have shown that they are also using brute force attacks, targeting WordPress websites, from one of their spam servers which is hosted at a well known bullet proof host, PSL, based in Ukraine.
I don’t imagine there’s much to make off of spam sites like these, but maybe I’m wrong. What do you think an operation like this might make in a month of heavy spamming? 10,000 thousand USD? A million?
Speaking of cheap sports knockoffs, our Plugin Madness competition kicks off soon, so be sure to keep checking on PluginMadness.com to vote for your favorite WordPress plugins.
Oh, and I just finished watching the new Wolverine movie.
It was awesome.