More than 160,000 websites powered by the blogging platform WordPress have been hijacked by hackers, it has emerged.
The distributed denial of service attack uses the "pingback" function which is enabled by default when articles are published.
Security firm Sucuri said:
The most interesting part is that all the requests were coming from valid and legitimate WordPress sites. Yes, other WordPress sites were sending random requests at a very large scale and bringing the site down.
Just in the course of a few hours, over 162,000 different and legitimate WordPress sites tried to attack.
This Sucuri blog post has details on how you can protect your site – and check if yours was one of those that has been misused.
Email pged@pressgazette.co.uk to point out mistakes, provide story tips or send in a letter for publication on our "Letters Page" blog