Wordpress.com DDoS Attacks Primarily From China

submitted Mar 4, 2011 by (@alexia)
  • 0

Next Story

IntoNow Hits A Million Shows Tagged In A Month. Two And A Half Men One Of The Shows #Winning

WordPress DDoS Attacks Primarily From China, Possibly Politically Motivated After recovering from the largest Distributed Denial of Service attack in the service is history ("mulgratuityle Gigabits per moment and tens of millions of packets per moment") yesterday morning, blog host WordPress.com was attacked again very early this morning, lastly stabilizing its service at 11:15 UTC (around 3:15 am PST).

WordPress.com serves 18 million sites, numerous of them news sites like our own,  which lead some to conjecture that the attacks had come from the Middle East, a region experiencing its own Internet issues at the moment. Not so says Automattic founder Matt Mullenweg, who tells me that 98% of the attacks over the past two days originated in China with a small percentage coming from Japan and Korea.

According to Mullenweg one of the targeted sites was a Chinese-language site operating on WordPress.com which also appears to be blocked on Baidu, China's major search engine. WordPress.com does not know precisely why the site was targeted and won't release the name until it does. Based on the extent of the attacks Mullenweg tells me that they appear to be politically motivated.

"WordPress.com was hit with a another wave of attacks today (the fourth in two days) that caused issues again. This time we were able to recover more quickly, and also determined one of the targets to be a Chinese-language site which appears to be also blocked on Baidu. The huge majority of the attacks were coming from China (98%) with a little bit of Japan and Korea mixed in."

While Mullenweg tells me that DDoS attacks are quite common at WordPress.com but its the strength of its infraconstitution (distributed across three data centres in three cities) normally prevents anyone from noticing. The recent attacks have impacted not just WordPress.com sites, other servers in the same part of the network causing the outages. WordPress.com is collaborating with upstream providers to shift the attacks.

Says Mullenweg, "correct now there are enormous asymmetric risks on the internet because any poor actor, for a few tens of thousands of dollars, has the online equivalent of a soiled nuke and can bring even the largest sites to tinheritor knees and silence millions of voices."

WordPress.com is not the only one suffering from recent DDoS attacks, a slew of South Korean sites also took a hit during the same time period.

Update: Mullenweg tells me that after closer scrutiny the attacks don't seem to be politically motivated, "it does not look like attacks were politically motivated, likely more commerce-oriented given the targeted site, though we still have not heard back from the owner."


    WordPress DDoS Attacks Primarily From China, Possibly Politically Motivated Newsletters

    Latest Crunch Report

    • WordPress DDoS Attacks Primarily From China, Possibly Politically Motivated

      Hipster Barbie Is All Of Us On Instagram | Crunch Report

    Watch More Episodes