More than 6,000 websites built on content management systems such as WordPress, Joomla and Datalife Engine were compromised in a new brute-force attack campaign. A botnet called Fort Disco, currently made up of 25,000 Windows machines, is responsible for the attacks. An attack tool found on almost 800 of the compromised websites is a variant of the FilesMan PHP backdoor that allows the botmaster to view and edit files, download content and execute new commands. The strategy at play with Fort Disco is similar to that of the Brobot attacks against major U.S. financial institutions late last year and earlier this year.
Source: https://threatpost.com/fort-disco-brute-force-attack-campaign-targets-cms-websites/101723/