[DEVELOPING] Possible Email DDOS attack exploiting MailPoet (WordPress plugin)

This is a developing issue happening right now, please check back on this page for any updates over the following days.

Last updated 2018-03-29

Starting around March 25, 2018, I started seeing an unusual amount of bounces from my email server. The emails bouncing were the double-opt-in “please confirm your subscription” messages automatically generated by the WordPress plugin MailPoet.  This happens from time to time if, for example, somebody accidentally mis-types their email address. But now, suddenly they were coming in repeatedly for the same handful of addresses, including ones like support@linode.com and abuse@linode.com. So out of curiosity I headed over the Linode Status page, and saw this:

Continue reading [DEVELOPING] Possible Email DDOS attack exploiting MailPoet (WordPress plugin)