During the month of June, the following information was obtained from Glastopf installations worldwide:
Geographical spread
10 most popular injected files during the period
Short introduction to RFI:
“Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation.”
During the month of April, the following information was obtained from Glastopf installations worldwide:
Number of alerts for the period: 1325919
Filenames (RFI) - 10 most common during the period:
Specifically newsworthy event: Pingback
pingback.ping, which is a legit WordPress feature, is misused to DoS victims using legit WordPress sites.
URL describing the issue: http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html
Method:
pingback.ping, with the parameters http://victim.com and www.anywordpresssite.com/postchosen
Extent:
We started monitoring this event late in the month, but even so, the top 10 victim sites were hit with a total of 13441 requests.
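One way to produce a per-victim tally like the one above from logged XML-RPC request bodies, as an added example (not Glastopf's own code). The sample bodies are constructed, the function names are hypothetical, and it assumes the first pingback.ping parameter (the source URI that the WordPress site fetches) identifies the victim.

```python
import xml.etree.ElementTree as ET
from collections import Counter
from urllib.parse import urlsplit

# Constructed POST bodies, as a honeypot might log them for /xmlrpc.php.
# All hosts are placeholders under the reserved .example TLD.
SAMPLE_BODIES = [
    "<methodCall><methodName>pingback.ping</methodName><params>"
    "<param><value><string>http://victim-a.example/</string></value></param>"
    "<param><value><string>http://blog.example/?p=1</string></value></param>"
    "</params></methodCall>",
    "<methodCall><methodName>pingback.ping</methodName><params>"
    "<param><value><string>http://victim-a.example/index.php</string></value></param>"
    "<param><value><string>http://blog.example/?p=7</string></value></param>"
    "</params></methodCall>",
    "<methodCall><methodName>pingback.ping</methodName><params>"
    "<param><value>http://victim-b.example/</value></param>"
    "<param><value>http://blog.example/?p=1</value></param>"
    "</params></methodCall>",
    "<methodCall><methodName>system.listMethods</methodName><params/></methodCall>",
    "<!DOCTYPE x [<!ENTITY e 'x'>]><methodCall/>",
    "not xml at all",
]

def pingback_source(body, max_len=8192):
    """Return the source URI of a pingback.ping call, else None."""
    # XML-RPC needs no DTD; refuse it so entity expansion never reaches the parser.
    if len(body) > max_len or "<!DOCTYPE" in body or "<!ENTITY" in body:
        return None
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return None
    method = (root.findtext("methodName") or "").strip()
    if root.tag != "methodCall" or method != "pingback.ping":
        return None
    values = root.findall("./params/param/value")
    if len(values) != 2:
        return None
    # A value holds its text either in <string> or directly (untyped = string).
    node = values[0].find("string")
    text = node.text if node is not None else values[0].text
    return (text or "").strip() or None

def tally_victims(bodies):
    """Count pingback.ping calls per source host (the site being hit)."""
    sources = filter(None, map(pingback_source, bodies))
    return Counter(urlsplit(s).hostname or s for s in sources)
```

`tally_victims(SAMPLE_BODIES).most_common(10)` gives the top-10 view; on the sample data it ranks victim-a.example (2 requests) ahead of victim-b.example (1).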