As part of this article, Sucuri is offering a service to check if your Wordpress site participated in the DDOS. It's possible it was, because the bad guys used XML-RPC (aka pingbacks) reflection to power the attack.
But wait--what is that service really? It's a webform where concerned Wordpress site owners can enter the domain names for their sites. Domain names that probably have real contact information in the whois lookup.
These could also be known, from Sucuri's perspective, as warm leads.
Is that really what's going on here though? I doubt it. But it saddens me that every form now also looks like an opportunity to collect data on me.
1 comment
[ 3.3 ms ] story [ 9.9 ms ] threadBut wait--what is that service really? It's a webform where concerned Wordpress site owners can enter the domain names for their sites. Domain names that probably have real contact information in the whois lookup.
These could also be known, from Sucuri's perspective, as warm leads.
Is that really what's going on here though? I doubt it. But it saddens me that every form now also looks like an opportunity to collect data on me.