Global Attacks Build WordPress Botnet

Customers with WordPress installations should be aware of an ongoing and growing threat. There is a highly distributed global attack on WordPress installations affecting almost every web host on the Internet.

This attack is targeting WordPress installations with poor passwords and growing into a massive botnet that has now reached 90,000 IPs globally. Those responsible for the attacks are scanning the Internet for WordPress installations and then attempting to log in to the administrative console. Hackers are gaining access by using a method known as “brute force”, a password-guessing method based on a dictionary of at least 1,000 words.

We are advising clients to change their WordPress password to a strong password. This means 8 characters minimum with a combination of special characters (!@#$%^&*). If you have not already done so, we also recommend creating an account other than “admin”, making this user the administrator, and then deleting your “admin” user. This will make it harder for hackers to gain access.

We also recommend installing a plugin to limit login attempts. The following plugin will lock out any IP after the set number of attempts. You can get the plugin here: http://wordpress.org/extend/plugins/limit-login-attempts/
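To check which addresses a per-IP limit of this kind would lock out on your own site, the following added example (not part of the original advisory and not the plugin's code) counts failed logins per client IP in a web server access log. It assumes Combined Log Format, that a failed WordPress login is answered with status 200 and a successful one with a 302 redirect, and a limit of 4; the log lines are constructed samples.

```python
import re
from collections import Counter

# Combined Log Format: ip ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

def failed_logins_per_ip(lines):
    """Count POSTs to wp-login.php answered with 200, per client IP.

    Assumption: a 200 response to the POST means the login form was
    shown again (failed login); a 302 redirect means the login succeeded.
    """
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed or truncated lines
        path = m.group("path").split("?", 1)[0]  # drop any query string
        if (m.group("method") == "POST"
                and path.endswith("/wp-login.php")
                and m.group("status") == "200"):
            counts[m.group("ip")] += 1
    return counts

def over_limit(counts, limit):
    """IPs with more failed attempts than the limit (assumed threshold)."""
    return sorted(ip for ip, n in counts.items() if n > limit)

def _line(ip, method, path, status):
    # Helper that builds a constructed sample log line.
    return (f'{ip} - - [01/Jan/2013:10:00:00 +0000] '
            f'"{method} {path} HTTP/1.1" {status} 1234 "-" "-"')

# Constructed sample data using documentation IP ranges, not real traffic.
SAMPLE = (
    [_line("203.0.113.5", "POST", "/wp-login.php", 200)] * 5
    + [_line("192.0.2.9", "POST", "/blog/wp-login.php?action=login", 200)] * 2
    + [_line("198.51.100.7", "GET", "/wp-login.php", 200),
       _line("198.51.100.7", "POST", "/wp-login.php", 302),
       "truncated line without a request"]
)

if __name__ == "__main__":
    counts = failed_logins_per_ip(SAMPLE)
    print("failed logins per IP:", dict(counts))
    print("would be locked out at limit 4:", over_limit(counts, 4))
    print("distinct sources with failures:", len(counts))
```

Because the attack is spread over many addresses, the count of distinct sources with failures is worth watching alongside the per-IP totals.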

If you require any assistance with this, please contact us via normal support channels.

Again, this is a global issue affecting all web hosts. We are taking all necessary measures to try to mitigate this attack, but in a case like this there is only so much that can be done.

About author
Denny