WordPress Sites Bot Attack underway to Steal Admin Passwords

If you’re running a WordPress site, now would be a good time to ensure you are using very strong passwords and to make sure your username is not “admin.” According to reports from HostGator and CloudFlare, there is currently a significant attack being launched at WordPress blogs wp_targetacross the Internet. For the most part, this is a brute-force dictionary-based attack that aim to find the password for the ‘admin’ account that every WordPress site sets up by default.

HostGator’s analysis found that this is a well-organized and very distributed attack. The company believes that about 90,000 IP addresses are currently involved. CloudFlare, its founder and CEO Matthew Prince told me earlier today, thinks the hackers control about 100,000 bots. As for the scope of the attack, Prince says that CloudFlare saw attacks on virtually every WordPress site on its network.

Read More

Huge attack on WordPress sites could spawn never-before-seen super botnet

Security analysts have detected an ongoing attack that uses a huge number of computers from across the Internet to commandeer servers that run the WordPress blogging application.

The unknown people behind the highly distributed attack are using more than 90,000 IP addresses to brute-force crack administrative credentials of vulnerable WordPress systems, researchers from at least three Web hosting services reported. At least one company warned that the attackers may be in the process of building a “botnet” of infected computers that’s vastly stronger and more destructive than those available today. That’s because the servers have bandwidth connections that are typically tens, hundreds, or even thousands of times faster than botnets made of infected machines in homes and small businesses.

“These larger machines can cause much more damage in DDoS [distributed denial-of-service] attacks because the servers have large network connections and are capable of generating significant amounts of traffic,” Matthew Prince, CEO of content delivery network CloudFlare, wrote in a blog post describing the attacks.

Read More:  Ars Technica.

About Albert N. Milliron 6989 Articles
Albert Milliron is the founder of Politisite. Milliron has been credentialed by most major news networks for Presidential debates and major Political Parties for political event coverage. Albert maintains relationships with the White House and State Department to provide direct reporting from the Administration’s Press team. Albert is the former Public Relations Chairman of the Columbia County Republican Party in Georgia. He is a former Delegate. Milliron is a veteran of the US Army Medical Department and worked for Department of Veterans Affairs, Department of Psychiatry.

Be the first to comment