WordPress hit by botnet

A giant botnet that targets WordPress users that may have administrator privileges has attacked the popular Web blogging and Web site content management system.

“Right now there’s a botnet going around all of the WordPresses it can find trying to login with the ‘admin’ username and a bunch of common passwords, and it has turned into a news story (especially from companies that sell ‘solutions’ to the problem,” wrote Matt Mullenweg, founder of WordPress in his blog. “Here is what I would recommend: If you still use the ‘admin’ as a username on your blog, change it, use a strong password, if you’re on WP.com turn on two factor authentication and of course make sure you’re up-t-date on the latest version of WordPress.”

Find out how to activate the two-step authentication feature here

http://en.blog.wordpress.com/2013/04/05/two-step-authentication/

Mullenweg said users who take these steps are going to be “ahead of 99 per cent of sites out there.”

According to the technology survey site W3Techs.com, WordPress is used by as many as 17.6 per cent of all Web sites. The site powers no less than 64 million Web sites that are read by as many as 371 million people each month.

The attack on WordPress began last week after the site beefed up its security and introduced an optional two-step authentication log-in feature.

The attack on WordPress may have been carried out as part of an attempt to build a stronger botnet, according to Mathew Prince, CEO and founder of Cloudfare, a Web performance and security firm.

RELATED CONTENT

DDoS attacks in Canada
Canadians at risk of Apple password breach

 

“It appears a botnet is being used to launch an attack and more than tens of thousands of unique IP addresses have been recorded attempting to hack WordPress installs,” Prince wrote in his blog. “One of the concerns of an attack like this is that the attackers are using a relatgively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack.”

“These larget machines can cause much more damage in DDoS (distributed denial of services) attacks because the servers have large network connections and are capable of generating significant amounts of traffic.”