Todd Redfoot, chief information security officer at GoDaddy, told eWEEK that he started to see an uptick in WordPress attacks in late February.
The attacks leverage the XML-RPC (Remote Procedure Call) “pingback” functionality in WordPress to launch DDoS attacks. XML-RPC is legitimately used within WordPress as the mechanism behind pingbacks on posts, which let content owners track where their content is being linked.
Redfoot noted that GoDaddy put counter-measures in place in late February to mitigate the XML-RPC DDoS risk, but has seen another big spike in activity during the first two weeks of March.
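For a site on the receiving end of the pingback traffic described above, one detection approach is to count how many distinct WordPress sites fetch pages in the same minute. The sketch below is an added example, not code from GoDaddy or eWEEK; it assumes Combined Log Format access logs and relies on the `WordPress/<version>; <site URL>` User-Agent that WordPress sends on its outbound HTTP requests. The sample log lines are constructed, and the `min_sites` threshold is a hypothetical value to tune per site.

```python
import re
from collections import defaultdict

# Combined Log Format: ip - - [time] "request" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# User-Agent WordPress sends on outbound fetches: "WordPress/<version>; <site URL>"
WP_UA_RE = re.compile(r'^WordPress/[\d.]+; (?P<site>https?://[^;\s]+)')

# Constructed sample lines (documentation IP ranges, .example domains).
SAMPLE = [
    '192.0.2.10 - - [10/Mar/2014:11:05:01 -0400] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.8.1; http://blog-a.example"',
    '198.51.100.7 - - [10/Mar/2014:11:05:02 -0400] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.7; http://blog-b.example/"',
    '203.0.113.5 - - [10/Mar/2014:11:05:40 -0400] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.8; http://blog-c.example"',
    '192.0.2.77 - - [10/Mar/2014:11:05:41 -0400] "GET / HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [10/Mar/2014:11:06:03 -0400] "GET / HTTP/1.0" 200 512 "-" "WordPress/3.8.1; http://blog-a.example"',
]

def pingback_sources(lines):
    """Map each minute bucket to the set of WordPress sites that fetched from us."""
    buckets = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not Combined Log Format; skip rather than guess
        ua = WP_UA_RE.match(m.group("ua"))
        if ua:
            minute = m.group("ts")[:17]  # e.g. "10/Mar/2014:11:05"
            buckets[minute].add(ua.group("site").rstrip("/"))
    return buckets

def flag_floods(lines, min_sites=3):
    """Return the minutes in which at least min_sites distinct WordPress sites hit us."""
    return {
        minute: sorted(sites)
        for minute, sites in pingback_sources(lines).items()
        if len(sites) >= min_sites
    }

if __name__ == "__main__":
    for minute, sites in flag_floods(SAMPLE).items():
        print(minute, len(sites), "distinct WordPress sources:", ", ".join(sites))
```

Counting distinct source sites rather than raw requests keeps a single chatty WordPress installation from triggering the flag, while many different sites converging on one target stands out.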