Catalin Cimpanu reports:
A German man is most likely behind a series of compromised WordPress websites that are linked together into a botnet and controlled with the help of a hidden IRC channel.
It’s currently unknown how these sites are being compromised. According to WordFence, a vendor of security products for WordPress, the hacker works by adding a PHP file with 25,000 lines of code to all websites he manages to gain access.
This file is a bot client which connects to an IRC (Internet Relay Chat) server and listens to instructions posted in the main chat. Whenever the botnet’s owner logs in and gives out a command, all infected websites execute it.
Read more on Softpedia.