
A group of hackers have attacked 90,000 smaller WordPress blogs using a simple brute force method. We all know the importance of having secure passwords, but one thing we all too often forget is usernames. The default “admin” username and some common passwords allowed hackers to jump in and get access to all these blogs with minimal effort involved.

The attacks have been ongoing for about a week, and the number of blogs targeted is quite substantial. It’s possible that some of the attacked blogs were started and just never used, but it seems probable that a good number of them are actual blogs where the owner just did not think to change the default username.

The program used by the hackers would simply cycle through 1000 commonly used passwords with the default WordPress username. Obviously, if you are a savvy blog owner, you’re going to be just fine, but based on the number of successful attacks, it appears there were more than enough easy targets out there for the group of hackers to take.

Once the attack compromises the system, it drafts the blog into a botnet, which is a group of machines that communicate with each other and are capable of widespread attacks. The compromised blogs themselves are not all that useful to the attackers, but the actual target could be the servers on which they are housed.

At this point, we are not sure what the ultimate goal of the botnet is. 90,000 compromised machines could certainly be useful in distributed denial-of-service (DDoS) attacks, but only time will tell what comes of this.


If you’re still using “admin” as your username on WordPress, you should change it immediately. Choose a less predictable username and a strong password, and enable two-step authentication to keep your blog as safe as possible.
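Alongside the username and password advice above, the one-username-many-passwords pattern the article describes also stands out in ordinary web server logs. The following Python is an added example, not code from the article or from WordPress; it assumes the default login endpoint wp-login.php, the Apache/nginx combined log format, and that stock WordPress answers a failed login with HTTP 200 and a successful one with a 302 redirect, and it runs over a constructed sample log rather than real traffic.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def _line(ip, ts, method, path, status):
    return f'{ip} - - [{ts}] "{method} {path} HTTP/1.1" {status} 3512 "-" "Mozilla/5.0"'

# Constructed sample log (not real traffic): 12 login POSTs from one address in
# 12 seconds, the one-username-many-passwords pattern, plus an ordinary visitor.
ATTACKER, VISITOR = "198.51.100.7", "203.0.113.5"
SAMPLE_LOG = "\n".join(
    [_line(ATTACKER, f"16/Apr/2013:20:01:{s:02d} +0000", "POST", "/wp-login.php", 200) for s in range(12)]
    + [_line(VISITOR, "16/Apr/2013:20:01:05 +0000", "GET", "/wp-login.php", 200),
       _line(VISITOR, "16/Apr/2013:20:01:09 +0000", "POST", "/wp-login.php", 302)]
)

def parse(log_text):
    """Parse combined-format lines into (ip, timestamp, method, path, status) tuples."""
    events = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            events.append((m["ip"], ts, m["method"], m["path"], int(m["status"])))
    return events

def find_bruteforce(events, threshold=10, window=timedelta(seconds=60)):
    """Map each source IP with >= threshold failed login POSTs inside any `window`
    to (total failed attempts, whether that IP also logged in successfully).
    Assumption: stock WordPress returns 200 on a failed login and 302 on success."""
    failures, succeeded = defaultdict(list), set()
    for ip, ts, method, path, status in sorted(events, key=lambda e: e[1]):
        if method != "POST" or path.split("?")[0] != "/wp-login.php":
            continue
        if status == 302:
            succeeded.add(ip)
        elif status == 200:
            failures[ip].append(ts)
    flagged = {}
    for ip, stamps in failures.items():
        start = 0                      # sliding window over the sorted timestamps
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = (len(stamps), ip in succeeded)
                break
    return flagged
```

Feeding real access logs through `parse` and `find_bruteforce` gives a list of sources worth blocking or rate-limiting; a flagged source whose second field is True deserves an immediate password reset on the affected account.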

Did your WordPress blog get attacked?

Source: Mashable

  1. SVV
    August 1, 2013 at 7:26 am

    My office blocks the pdf link. I get "access denied" when I click or try to save the pdf. Please help :(

  2. Mark Bennett
    April 23, 2013 at 5:22 pm

    This article could have been replaced by the tweet: "Don't use 'admin' as your username on WordPress"

  3. null
    April 18, 2013 at 5:46 pm

    I see too many password compromises too often. Why can't people just stop being lazy?

  4. mari
    April 17, 2013 at 6:17 pm

    Actually, yes, my site was attacked, which I found out after installing Login Security Solution plugin to fend it off.

    Now that the dust has settled, I'm wondering what to do next. I posted yesterday with no problem but still uneasy about it.

  5. Tim Berneman
    April 17, 2013 at 4:46 pm

    A few of my WordPress sites got hacked, the only ones where I did not have the "Better WP Security" plugin installed. I restored from a backup and immediately installed the plugin. I highly recommend it.

    Get it in the WP repository:

  6. macwitty
    April 17, 2013 at 12:41 pm

    No, none of the blogs I'm responsible for got attacked. That said, there has been more downtime when the web hotel has been under DDoS attacks.

    Just remember, you cannot change the username from within WordPress; there you have to create a new admin user and delete the old one. You can change the name in phpMyAdmin.

    Do not forget to update WordPress - I was going to help a small organization the other week and they had WordPress 2.6.1

  7. Lim3Fru1t
    April 17, 2013 at 7:36 am

    I didn't get attacked, but still changed my password to be secure!

  8. null
    April 17, 2013 at 4:52 am

    Thanks for the reminder! I'd changed the name on one blog but not the other and my password was pretty weak. All fixed!

  9. cesar quinteros
    April 16, 2013 at 11:13 pm

    Nope. Passwords are all nice, long, and complex thanks to lastpass.

    • Nevzat A
      April 17, 2013 at 6:00 am

      Yeah, Lastpass, Keepass to the rescue!

    • dragonmouth
      April 17, 2013 at 11:56 am

      "Nope. Passwords are all nice, long, and complex thanks to lastpass."

      Until the LastPass password gets compromised.

  10. Devon
    April 16, 2013 at 9:23 pm

    This has happened to one of the blogs that I manage and has since seen many of its users blacklisted against our host just for logging in.
