A giant botnet that targets WordPress users that may have administrator privileges has attacked the popular Web blogging and Web site content management system.
Find out how to activate the two-step authentication feature here
Mullenweg said users who take these steps are going to be “ahead of 99 per cent of sites out there.”
According to the technology survey site W3Techs.com, WordPress is used by as many as 17.6 per cent of all Web sites. The site powers no less than 64 million Web sites that are read by as many as 371 million people each month.
The attack on WordPress began last week after the site beefed up its security and introduced an optional two-step authentication log-in feature.
The attack on WordPress may have been carried out as part of an attempt to build a stronger botnet, according to Mathew Prince, CEO and founder of Cloudfare, a Web performance and security firm.
“It appears a botnet is being used to launch an attack and more than tens of thousands of unique IP addresses have been recorded attempting to hack WordPress installs,” Prince wrote in his blog. “One of the concerns of an attack like this is that the attackers are using a relatgively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack.”
“These larget machines can cause much more damage in DDoS (distributed denial of services) attacks because the servers have large network connections and are capable of generating significant amounts of traffic.”