KashmirBlack botnet infects popular CMS platforms, exploiting dozens of known vulnerabilities. KashmirBlack uses a modular infrastructure that includes features such as load balancing communications with command-and-control servers and storing files on cloud storage services, such as Dropbox and GitHub. The botnet uses two clusters of infected systems as repositories for code and exploits, and divides compromised systems into those actively seeking new bots and a larger group waiting for instructions. Many of the exploits target plug-ins for WordPress and other popular CMSes.”]
Source: https://www.darkreading.com/attacks-breaches/botnet-infects-hundreds-of-thousands-of-websites