Your WordPress websites are being hacked and controlled by hackers to attack other websites including DDOS

If you have a wordpress website or your website being designed by wordpress, then you really need to pay some attention, especially if your site is a business website, be real careful using it. If you design the wordpress website yourself then make sure it is secure hardened security and it is on a good web hosting server that being monitored.

Make sure you have security plugins for wordpress such as wordfence or something similar to harden your security. Make sure all your plugins are up to date and don’t use any plugins that are out of date or being flagged as security risk by wordfence or similar firewall malwares antivirus software. Those protection are very effective in addition to having wordpress get updated to latest version at all time.

Lastly make sure your website or webserver being updated frequently, once a day so that you can quickly recover your website in case of an attack or compromised. Also important to have your domain controller such as godaddy 2FA turned on.

On Wednesday, December 5, 2018, 6:35:15 PM EST, Wordfence <[email protected]> wrote:

Our threat intelligence team has identified a large botnet of over 20,000 infected WordPress sites that is centrally controlled. It is being used to attack WordPress sites.

Today we have published in-depth research on the attack campaign that includes details of the botnet, how the attacker is hiding their operations using a huge network of proxy servers, their command and control infrastructure and more.

Wordfence already protects you from this threat via our IP blacklist, firewall and by detecting the code used to infect sites participating in the botnet.

You can find the full post on the official Wordfence blog…

Mark Maunder – Wordfence Founder & CEO

Introducing Wordfence Agency Solutions
Don’t let a security issue set you back. Trust Wordfence with your security while you focus on growing your business. Learn More

If you would like to stop receiving WordPress security alerts and product updates from Wordfence, please use the “unsubscribe” link at the bottom of this email. You subscribed to this list via the Wordfence security plugin for WordPress.

If you aren’t already a member, you can subscribe to our WordPress Security and Product Updates mailing list here. You’re welcome to republish this email in part or in full, provided that you mention that the source is If you would like to get Wordfence for your WordPress website, simply go to your “Plugin” menu, click “add new” and search for “wordfence”.

Defiant, Inc. 800 5th St STE 4100 Seattle WA 98104 United States

You received this email because you are subscribed to Wordfence Security Mailing List from Defiant, Inc..

Update your email preferences to choose the types of emails you receive.

Unsubscribe from all future emails