04.14.13

WordPress Bloggers?

Got an account at WordPress.com? You should replace your password.
Over the weekend an unidentified group of hackers launched a large-scale attack against blogs that use this popular content management system. The number of attacks keeps growing; in each one the hackers try to break into websites with the user name ‘Admin’ and a long list of common passwords (the brute-force method), and by exploiting zero-day security holes in WordPress and in the various plugins installed on the system.

Once the hackers manage to break into a site, they plant malicious software that allows them to control it remotely. And what do they do with it? Very simple. The hacked site becomes a botnet server, which in turn attacks other sites using the same method.

The attack is global in scale and hits WordPress sites without discrimination on grounds of religion, race or sex. Currently more than 90,000 IP addresses are involved in the attack.

If you think this is not something that started over the weekend, you’re right. The overall offensive began last week, but in much smaller numbers; it then intensified again over the weekend. Among the sites attacked were quite a few blogs and websites that experienced problems such as very slow connectivity and the inability to log into the management system. In severe cases the site was unavailable for a while.

But the main problem is not the current offensive, but rather the long-term plans of the botnet operators. While investigating the recent assault we found that the hackers are currently using a network of tens of thousands of simple home computers to run all their attacks, but the ultimate goal is far more malicious: to control stronger servers, with significantly higher processing capacity and more internet bandwidth, that can do more damage. So if they managed to break into your WordPress-based website, chances are they planted malicious software on your server.

Since this is indeed a vicious attack, but not a very sophisticated one, all you have to do to protect your website is to change the password of the management system. When you do this, make sure the new password follows WordPress guidelines and its strength indicator reads ‘Strong’. Another option is to install a WordPress plugin that limits login attempts with the user name Admin; just keep in mind that if you forget your password, this plugin may work against you.