WordPress is an open source webpage-creation package that is open to new apps
from just about any source, but there is insufficient vetting of new material.
Users must be exceptionally vigilant that their own WordPress installations use
only current and trusted apps that come from official wordpress.com sites and
not from third-party authors.

I looked into the consequences by examining the access logs of my own website,
which does not use WordPress:
https://www.pinthetaleonthedonkey.com/StatisticsAllYears/May-2018-WordPress/WordPress-attacks-MiDomane.com-May-2018.htm

Summarizing those results: A worldwide 364/24/7 attack on my [non-existent]
WordPress installation.

Currently, even though dig wordpress.com returns two IP addresses, there are
actually many more IP addresses that return "wordpress.com" upon receiving a
dig -x inquiry; my current list has 67 addresses. They are all owned by a
single entity and are probably legitimate. That still causes a lot of trouble
for their users:
dig -x 66.155.9.238 ==> PTR wordpress.com
PTR wordpress.com
https://otx.alienvault.com/indicator/ip/192.0.77.32
George Langford
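
The kind of access-log review described in the post above, as an added example that is not part of the original post: it counts requests for WordPress-specific paths per source address on a site that runs no WordPress. The Apache "combined" log format, the path list and the sample lines (documentation address ranges) are assumptions constructed for the illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in Apache "combined" format; not taken from the post.
SAMPLE_LOG = """\
203.0.113.7 - - [14/May/2018:03:12:01 +0000] "GET /wp-login.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.7 - - [14/May/2018:03:12:02 +0000] "POST /xmlrpc.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"
198.51.100.23 - - [14/May/2018:04:40:10 +0000] "GET /blog/wp-content/plugins/x/readme.txt HTTP/1.1" 404 512 "-" "curl/7.58"
192.0.2.50 - - [14/May/2018:05:00:00 +0000] "GET /index.htm HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
198.51.100.23 - - [15/May/2018:09:01:44 +0000] "GET /WP-ADMIN/ HTTP/1.1" 404 512 "-" "curl/7.58"
this line is not a log entry
192.0.2.50 - - [15/May/2018:10:00:00 +0000] "GET /about-wp-themes.htm HTTP/1.1" 200 100 "-" "Mozilla/5.0"
"""

# client IP, two ignored fields, [day:time zone], "METHOD path protocol", status
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<day>[^:\]]+)[^\]]*\] '
    r'"[A-Z]+ (?P<path>\S+)[^"]*" \d{3} '
)

# WordPress-specific names, matched only as whole path segments so that an
# ordinary page such as /about-wp-themes.htm is not counted as a probe.
WP_RE = re.compile(
    r'(^|/)(wp-login\.php|xmlrpc\.php|wp-admin|wp-content|wp-includes)(/|\?|$)',
    re.IGNORECASE,
)

def wordpress_probes(log_text):
    """Return (hits per IP, set of days each IP was seen, unparsed line count)."""
    hits, days, skipped = Counter(), defaultdict(set), 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            skipped += 1          # keep count of lines the parser could not read
            continue
        if WP_RE.search(m.group("path")):
            hits[m.group("ip")] += 1
            days[m.group("ip")].add(m.group("day"))
    return hits, days, skipped

if __name__ == "__main__":
    hits, days, skipped = wordpress_probes(SAMPLE_LOG)
    for ip, count in hits.most_common():
        print(f"{ip}: {count} WordPress probes on {len(days[ip])} day(s)")
    print(f"unparsed lines: {skipped}")
```

On a site with no WordPress installed, every address this reports was requesting something that was never linked from the site's own pages.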