Hacker News new | past | comments | ask | show | jobs | submit login

I've been getting a ton of people signing up for my GoDaddy hosted WordPress blog the last couple of days. All the email addresses were things like [email protected].

Usually I get 2 or 3 signups a month. The last 2 days I've gotten 10 to 15 a day.

I've kept my WordPress install up to date though and I don't appear to be compromised. I wonder if that was part of the attack.




Considering the dramatic number of vulnerabilities discovered on Wordpress plugins recently I'd double check everything.

http://www.exploit-db.com/search/?action=search&filter_p...

And an useful tool to fingerprint a wordpress isntallation: http://code.google.com/p/wpscan/


This was probably not part of the attack. The attack simply redirects incoming requests to another site. If your site was affected, you wouldn't have had any sign ups because your site would have been redirecting to the bogus site before it even reaches your page.


I was thinking more of something like someone was attempting to exploit a vulnerability in the signup form.


I just saw this exact conversation a month ago.

Serious Deja Vu.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: