Huge number of WordPress bruteforce attacks reported in the wild

// April 15th, 2013 // Hacking and Security


Wordpress blogging platform logo

Security software firm Sucuri has announced the discovery of a massive WordPress brute force attack that is circulating in the wild. Analysis of security logs and monitoring via their operations center, has revealed a three-fold increase in WordPress bruteforce attacks over the past three months. The attacks are coming from a large number of IP addresses spread across locations all over the world indicating a large botnet is being used to stage the attacks.  The attacks use various vectors including attempts to bruteforce the admin account’s password (the default WordPress user account) and bruteforce guessing of account names, typically using some fragment of the site’s URL in the guessing attempt.

According to Securi:

“A large botnet has been attempting to break into WordPress websites by continually trying to guess the username and password to get into the WordPress admin dashboard. This is affecting almost every major web hosting company around the world. Our Network Operations Centre (NOC) has detected a significant increase in botnet activity in the last 24 hours.”

Securi also pointed out several methods WordPress bloggers can implement in order to minimize the risk of intrusion.

“Normal security procedures include regular updates of the WordPress core files, plugins and theme files. In addition to this, we also recommend WordPress administrators change their login username from the default ‘admin’ username, use very secure passwords, and install the ‘Login Limits Attempts’ plugin or other WordPress security plugins.  Another security risk that WordPress administrators sometime forget about are inactive themes, installed on their blog but no longer in use. The files for the WordPress themes are still located in the /wp-content/themes/ directory, and even if they’re not being used, they’re still vulnerable to being hacked/exploited if they’re not kept up to date. Therefore, we recommend WordPress administrators delete all WordPress themes except the active theme currently in use on their website.”

Sources: Securi
Geek wear at Ivy and Pearl Boutique

« « Previous Article: Meet Compressorhead – all-robotic band is the heaviest heavy metal band on the planet     » » Next Article: Differences in Chinese and Russian security philosophies and how the United States should counter

Leave a Reply

You must be logged in to post a comment.

%d bloggers like this: