by mmaunder 2639 days ago
I'd also like to add that the DDoS functionality isn't what really jumped out at me. It was the ability to reset your site's admin password remotely using a hard-coded password that anyone can read. And then there is also the ability to drop all your tables.

When we contacted them before publishing via email, they explained that someone had been pirating their software so this was a countermeasure. (quote is in the Wordfence post above) I guess the idea was that they would destroy sites using pirated licenses. Then they backpedalled that later on after this went viral.

1 comments

> I guess the idea was that they would destroy sites using pirated licenses.

Isn't it GPL?

Depends who you ask. Also some sites use a SaaS model with an API key for back-end access. They claimed license keys were stolen. “Last year we had some serious problems after someone obtained a huge list of license keys and downloaded all of our products. The keys and files were then distributed on their file sharing site, which has since been taken down (not by us, ironically!). The drop tables function was put in place to try to stop this at the time.”