

More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack - cubictwo
http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html

======
snowwrestler
As part of this article, Sucuri is offering a service to check if your
Wordpress site participated in the DDOS. It's possible it was, because the bad
guys used XML-RPC (aka pingbacks) reflection to power the attack.

But wait--what is that service really? It's a webform where concerned
Wordpress site owners can enter the domain names for their sites. Domain names
that probably have real contact information in the whois lookup.

These could also be known, from Sucuri's perspective, as warm leads.

Is that really what's going on here though? I doubt it. But it saddens me that
every form now also looks like an opportunity to collect data on me.

