Tags: Security, Botnet, Cloud, The Internet

Wordpress Sites Under Wide-Scale Brute Force Attack

New submitter NitzJaaron writes "Some of us have been experiencing attacks on Wordpress sites for the last few days, but it's now beginning to be widely reported that there's a fairly large brute force attack happening on Wordpress users on multiple hosts, including HostGator and LiquidWeb. 'This attack is well organized and again very, very distributed; we have seen over 90,000 IP addresses involved in this attack.' CloudFlare has announced that they're giving all users (free and paid) protection from said attacks with their services. 'The attacker is brute force attacking the WordPress administrative portals, using the username "admin" and trying thousands of passwords.'" Further reports available from Immotion hosting and Melbourne server hosting.
Comments:
  • by Call A Developer ( 2895483 ) on Friday April 12, 2013 @06:08PM (#43436363)
    I have written a rather detailed article on next steps for anyone affected - which is just about anyone with a Wordpress site. Unfortunately at least 10% of accounts hit have been successfully compromised, and many are being used to send spam or attack other sites. The Global Wordpress Brute Force Attacks of 2013 - http://calladeveloper.blogspot.com/2013/04/global-wordpress-brute-force-attacks.html [blogspot.com] This includes the method to htaccess block direct automated requests for wp-login.php as well. The attackers have gotten around some fairly advanced countermeasures including mod_security rules so all Wordpress site owners should be following these steps.
  • by Call A Developer ( 2895483 ) on Friday April 12, 2013 @07:52PM (#43437107)
    You mean "correct horse battery staple" and unfortunately that is terrible advice - any password under 50 characters made of only lowercase letters will be broken by the most basic brute force. And their dictionary is impressive, we've been pulling the POSTDATA and checking what they are doing. The rotation of usernames in itself is scary - even non "admin" users are not protected. This is why I suggest a 30 character password and in fact you should be using a similar method to generate your admin username. Even that can be cracked with a botnet of sufficient size, which is exactly what they are trying to build. They have a LOT of CPU power at their disposal between the infected PCs and the infected servers (which often have 32+ cores and 100GB+ of memory to play with).
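The submission describes POST floods against wp-login.php from roughly 90,000 source addresses, and the comment above adds that the attackers rotate usernames, so a per-IP lockout alone misses most of the traffic. The following is an added example, not code from Slashdot, CloudFlare or any commenter: a small Python detector that parses Apache combined-format access-log lines, counts login POSTs per source IP in a sliding window, and separately counts login POSTs against the whole site in the same window so that a distributed campaign still raises an alert when no single IP is noisy. The log lines are constructed, and the thresholds (5 attempts per IP and 20 per site in 5 minutes) are assumptions to tune per site.

```python
"""Brute-force detection for wp-login.php over Apache access logs.

Added example; not from the Slashdot post or any commenter. Log lines are
constructed and thresholds are assumptions.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Apache "combined" log format; only the fields needed below are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Parse one combined-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def login_posts(lines):
    """Yield parsed records that are POSTs to wp-login.php (query string ignored)."""
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] == "POST" and \
                rec["path"].split("?")[0].endswith("/wp-login.php"):
            yield rec


def _exceeds(times, limit, window):
    """True if more than `limit` timestamps fall inside any span of length `window`."""
    times = sorted(times)
    start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        if end - start + 1 > limit:
            return True
    return False


def detect(lines, per_ip_limit=5, site_limit=20, window=timedelta(minutes=5)):
    """Return (noisy_ips, distributed_alert).

    noisy_ips: sorted IPs with more than per_ip_limit login POSTs in one window.
    distributed_alert: True when the site as a whole saw more than site_limit
    login POSTs in one window, even if no single IP crossed its own limit;
    that is the shape of a botnet spreading attempts across many sources.
    """
    by_ip = defaultdict(list)
    all_times = []
    for rec in login_posts(lines):
        by_ip[rec["ip"]].append(rec["ts"])
        all_times.append(rec["ts"])
    noisy = sorted(ip for ip, ts in by_ip.items()
                   if _exceeds(ts, per_ip_limit, window))
    return noisy, _exceeds(all_times, site_limit, window)


# ---- constructed sample traffic (documentation address ranges) ----
def _line(ip, ts, method="POST", path="/wp-login.php", status=200):
    return (f'{ip} - - [{ts.strftime("%d/%b/%Y:%H:%M:%S +0000")}] '
            f'"{method} {path} HTTP/1.1" {status} 1234 "-" "Mozilla/5.0"')


BASE = datetime(2013, 4, 12, 18, 0, 0, tzinfo=timezone.utc)

# One loud source: six login POSTs from the same IP inside 75 seconds.
LOUD_LOG = [_line("203.0.113.7", BASE + timedelta(seconds=15 * i)) for i in range(6)]

# Distributed: 22 different IPs, one login POST each, spread over about four minutes.
DISTRIBUTED_LOG = [_line(f"198.51.100.{i}", BASE + timedelta(seconds=11 * i))
                   for i in range(1, 23)]

# Benign traffic that must not count: a GET of the login page, a comment POST,
# and an unparseable line.
BENIGN_LOG = [
    _line("192.0.2.10", BASE, method="GET"),
    _line("192.0.2.10", BASE + timedelta(seconds=30), path="/wp-comments-post.php"),
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for name, log in (("loud", LOUD_LOG), ("distributed", DISTRIBUTED_LOG),
                      ("benign", BENIGN_LOG)):
        print(name, detect(log))
```

The site-wide counter is the part worth keeping: with attempts spread across tens of thousands of addresses, each IP may post only once or twice before moving on, so only the aggregate rate against wp-login.php reveals the campaign. In production the same logic would feed a block list or a challenge page in front of the login form rather than a print statement.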
