[ PRIVACY Forum ] Huge attack on WordPress sites could spawn never-before-seen super botnet

FYI. Am I the only person just hearing about this?

We're seeing heavy amounts of traffic / attacks as well - it's definitely not isolated to a single provider / range.

There are articles from HostGator, CloudFlare, Techcrunch and several others.


I don't know if it's related, but Linode sent out an email earlier
that all account passwords (for all customers) must be reset.
Apparently one of their customers was succesfully exploited, and out
of an abundance of caution, they acting as if the attackers got the
Linode password hashes.

The WordPress mailing lists have been rather active discussing it.

A couple of hardening tips if you're running WP, or run a host providing it: