Web Based Brute Force Attacks Are Here
Security experts are warning that an escalating series of online attacks designed to break into poorly-secured WordPress blogs is fueling the growth of an unusually powerful botnet currently made up of more than 90,000 web servers. currently attempting to log in by cycling different usernames and passwords against the WordPress access points: /wp-login.php and /wp-admin.
What is a Botnet?
A botnets (a network of hundreds, thousands, or millions of compromised computers that are being exploited to perform attacks, send spam etc.
What can You Do?
According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to evict the intruders and infections:
– Log in to the administrative panel and remove any unfamiliar admin users.
– Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time).
– Update the secret keys inside WordPress (otherwise any rogue admin user can remain logged in).
– Reinstall WordPress from scratch or revert to a known, safe backup.
It would be a good idea to not have any users with a username of “admin”, “editor”, or “moderator” on your site. If you have any such users, the next section describes how to remove them.
There is also a clear patten in the passwords being guessed. This is natural as people have a very bad habit of choosing very weak passwords. Unfortunately, the things that are easy for us to remember are also quite easy to guess.
