djbaxter
WordPress blogs and more under global attack - check your passwords now!
by Paul Ducklin, Sophos.com
April 13, 2013

If you have a web service that supports remote users, you will know that malevolent login attempts are an everyday occurrence.

Even on my own home-hosted SSH server, listening unassumingly on an IP number on a DSL line, I've seen thousands of login attempts from dozens of different IP numbers in the course of a single day.

But hosting providers worldwide are reporting that they've been seeing systematic attempts, over the last 48 hours or so, to breach blogs and content management systems (CMSes) at well above average levels.

The primary target seems to be WordPress, with Joomla users also reportedly getting a bit of a hammering.

Word from the anti-DDoS world is that a botnet is responsible, with estimates of "up to 90,000," "more than tens of thousands," and "up to 100,000" infected computers (all those figures can be true at the same time, of course) orchestrating the felonious login attempts.

Since it would take too long to try every possible username and password on every known WordPress or Joomla server, this onslaught is using what is known as a dictionary attack.

That's where a crook settles on a list of the most likely usernames and passwords, and tries those in quick succession.

The idea is simple: automate the password guessing, speed up the attack, and don't spend too long on any individual site.

Look for the low-hanging fruit, and harvest it as quickly as you can; if you can't get in within a few hundred or thousand attempts, move on to the next potential victim.

It's doorknob rattling, but on an industrial and international scale.

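The article describes the attack from the hosting provider's side: many failed logins against wp-login.php, spread across thousands of bots so that no single source looks very busy. The following is an added example for this thread, not code from the Sophos article or from WordPress, showing how that pattern can be picked out of ordinary web-server access logs. It assumes an Apache/nginx "combined" log with the virtual host name prepended (a common hosting-provider layout) and the stock wp-login.php form; the log lines it analyses are constructed for the demonstration.

```python
"""Detect dictionary attacks on wp-login.php in web-server access logs.

Added example for this thread; it is not code from the Sophos article or
from WordPress. It assumes an Apache/nginx "combined" log with the virtual
host name prepended (a common hosting-provider layout) and that the site
uses the stock wp-login.php form. The log lines it analyses are
constructed for the demonstration, not real traffic.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

# vhost ip ident user [time] "METHOD path PROTO" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<vhost>\S+) (?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse(line):
    """Return the fields we need, or None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["status"] = int(rec["status"])
    return rec


def is_failed_login(rec):
    # Stock WordPress re-renders the form with an error on a bad password
    # (HTTP 200) and redirects to wp-admin on success (HTTP 302), so a POST
    # to wp-login.php that did not redirect is a failed attempt.
    path = rec["path"].split("?", 1)[0]
    return rec["method"] == "POST" and path.endswith("/wp-login.php") and rec["status"] == 200


def analyse(lines, window=timedelta(minutes=10), per_ip=20, distinct_ips=5):
    """Flag the two patterns the article describes.

    noisy_ips:           one source making >= per_ip failed logins (the
                         classic single-host brute force)
    distributed_targets: a vhost that received failed logins from
                         >= distinct_ips different sources inside `window`
                         (a botnet spreading a few guesses per bot, which
                         a per-IP threshold alone would miss)
    """
    fails = [r for r in map(parse, lines) if r and is_failed_login(r)]
    fails.sort(key=lambda r: r["ts"])

    by_ip = Counter(r["ip"] for r in fails)
    noisy_ips = {ip for ip, n in by_ip.items() if n >= per_ip}

    per_host = defaultdict(list)
    for r in fails:
        per_host[r["vhost"]].append(r)

    distributed = set()
    for host, recs in per_host.items():
        start = 0
        for end, rec in enumerate(recs):
            # slide the window start forward until the span fits
            while rec["ts"] - recs[start]["ts"] > window:
                start += 1
            if len({x["ip"] for x in recs[start:end + 1]}) >= distinct_ips:
                distributed.add(host)
                break

    return {"failed_logins": len(fails), "noisy_ips": noisy_ips,
            "distributed_targets": distributed}


def sample_lines():
    """Constructed log lines that exercise both patterns plus benign noise."""
    base = datetime(2013, 4, 13, 9, 0, 0, tzinfo=timezone.utc)

    def line(vhost, ip, t, method="POST", path="/wp-login.php", status=200):
        return (f'{vhost} {ip} - - [{t.strftime(TS_FMT)}] "{method} {path} HTTP/1.1" '
                f'{status} 3107 "-" "Mozilla/5.0"')

    lines = []
    # one noisy source: 25 failures in five minutes against blog-a
    for i in range(25):
        lines.append(line("blog-a.example", "203.0.113.9", base + timedelta(seconds=12 * i)))
    # a small botnet: six sources, three guesses each, against blog-b in six minutes
    for bot in range(6):
        for k in range(3):
            lines.append(line("blog-b.example", f"198.51.100.{bot + 1}",
                              base + timedelta(seconds=60 * bot + 5 * k)))
    # benign: a page view and one successful login (redirect)
    lines.append(line("blog-b.example", "192.0.2.7", base, method="GET", path="/"))
    lines.append(line("blog-a.example", "192.0.2.8", base, status=302))
    return lines


if __name__ == "__main__":
    print(analyse(sample_lines()))
```

The thresholds are illustrative and need tuning per site. The status-code heuristic holds for the default login form; a site whose login plugin redirects on failure, or bots that use XML-RPC instead of wp-login.php, would need a different failure signal.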
Travis Van Slooten
I have taken a few steps to further protect my clients' WordPress sites (including my own):

1. Get everyone on CloudFlare (they offer a free service!)
2. Install the "limit attempted logins" plugin
3. Install an old plugin I had that creates a captcha system on the WordPress login page

Also, as a standard practice I have always used a very uncommon username and a strong password for the login page. As the article states, avoid usernames like "admin" or "test." I usually use the business owner's name as the username: John Smith.

Travis Van Slooten
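The throttling Travis's second step relies on, written out as an added example for this thread rather than the code of any plugin he names or of WordPress itself. Failures are charged both to the client IP and to the target username, so a botnet spreading its guesses for one account over many IPs still runs into a lockout, and a small check flags the guessable usernames the thread warns against. The thresholds, the hypothetical `login_attempt` gate and its plaintext credential table are illustrative (a real gate compares password hashes).

```python
"""Login-attempt throttling of the kind the "limit login attempts" plugins do.

Added example for this thread; it is not the code of any plugin mentioned
in the thread, nor WordPress code. The thresholds, the hypothetical
`login_attempt` gate and its plaintext credential table are illustrative
(a real gate compares password hashes). WordPress hooks are omitted: the
decision logic is the part worth seeing.
"""
import time
from collections import defaultdict, deque

# Usernames a dictionary attack tries first. "admin" and "test" are the ones
# named in the thread; the rest are an assumed, typical extension.
COMMON_USERNAMES = {"admin", "administrator", "test", "root", "user", "wordpress"}


def username_is_guessable(username, site_host=None):
    """True if the account name would be near the top of an attacker's list.
    Besides the fixed list, the site's own label ("example" for example.com)
    is treated as guessable; that is an assumed heuristic, not from the page."""
    u = username.lower()
    if u in COMMON_USERNAMES:
        return True
    return bool(site_host) and u == site_host.split(".")[0].lower()


class LoginThrottle:
    """Allow at most max_attempts failures per key inside `window` seconds,
    then refuse that key for `lockout` seconds. Each failure is charged to
    two keys, the client IP and the target username, so a botnet spreading
    its guesses for one account over many IPs still hits a lockout."""

    def __init__(self, max_attempts=5, window=600, lockout=1200, clock=time.monotonic):
        self.max_attempts = max_attempts
        self.window = window
        self.lockout = lockout
        self.clock = clock                    # injectable for tests
        self.failures = defaultdict(deque)    # key -> timestamps of recent failures
        self.locked_until = {}                # key -> time the lock expires

    @staticmethod
    def _keys(ip, username):
        return ("ip", ip), ("user", username.lower())

    def is_locked(self, key):
        until = self.locked_until.get(key)
        if until is not None and self.clock() < until:
            return True
        self.locked_until.pop(key, None)      # lock expired (or never set)
        return False

    def allow(self, ip, username):
        return not any(self.is_locked(k) for k in self._keys(ip, username))

    def record_failure(self, ip, username):
        now = self.clock()
        for key in self._keys(ip, username):
            q = self.failures[key]
            while q and now - q[0] > self.window:   # drop failures outside the window
                q.popleft()
            q.append(now)
            if len(q) >= self.max_attempts:
                self.locked_until[key] = now + self.lockout
                q.clear()

    def record_success(self, ip, username):
        for key in self._keys(ip, username):
            self.failures.pop(key, None)


def login_attempt(throttle, users, ip, username, password):
    """Hypothetical login gate returning "locked", "bad" or "ok"."""
    if not throttle.allow(ip, username):
        return "locked"
    if users.get(username) == password:
        throttle.record_success(ip, username)
        return "ok"
    throttle.record_failure(ip, username)
    return "bad"


def demo():
    """Botnet scenario: five bots each try 'admin' once, the sixth is refused;
    the legitimate owner on an unrelated account still gets in."""
    clock = [1000.0]
    throttle = LoginThrottle(clock=lambda: clock[0])
    users = {"jsmith": "correct horse battery staple"}   # constructed credential table
    bots = [login_attempt(throttle, users, f"198.51.100.{i}", "admin", "password")
            for i in range(5)]
    sixth = login_attempt(throttle, users, "198.51.100.9", "admin", "password")
    owner = login_attempt(throttle, users, "198.51.100.1", "jsmith", "correct horse battery staple")
    clock[0] += 1300                                     # lockout expires
    later = login_attempt(throttle, users, "198.51.100.9", "admin", "password")
    return {"bots": bots, "sixth": sixth, "owner": owner, "after_lockout": later}


if __name__ == "__main__":
    print(demo())
    print(username_is_guessable("admin"), username_is_guessable("jsmith", "example.com"))
```

Two caveats a practitioner will hit. A per-username lockout lets an attacker keep the real owner locked out simply by continuing to guess, which is why plugins of this kind are usually paired with a CAPTCHA (Travis's third step) or an allow-list for known addresses. And once a site sits behind CloudFlare (his first step), the address the server sees is CloudFlare's edge unless the real visitor IP is restored from the CF-Connecting-IP header; throttling on the unrestored address would lock out everyone arriving through the same edge.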