This botnet is utilizing brute force attacks to gain access to other WordPress websites. They estimate that 20,000 websites are infected so far and the number are likely to grow. The best way to stop this attack is to install a plugin that will lock and prevent brute force attacks.
This is something that we implement for all of our clients. Please contact us if you require assistance securing your WordPress website.