A botnet of over 20,000 WordPress sites is attacking other WordPress sites

Crooks controlling a network of over 20,000 already-infected WordPress installations are using these sites to launch attacks on other WordPress sites, ZDNet has learned from WordPress security firm Defiant.

The company, which manages and publishes the Wordfence plugin, a firewall system for WordPress sites, says it detected over five million login attempts in the last month from already-infected sites against other, clean WordPress portals. The attacks are what security experts call “dictionary attacks.”

Read more about the WordPress attack campaign on ZDNet.