Major brute force attack against WordPress under way

12 Apr 2013

A large distributed brute force attack against WordPress sites is understood to be under way. A botnet of more than 90,000 servers is attempting to log in to WordPress admin dashboards by cycling through different usernames and passwords.

Security software firm Sucuri, having studied the attack patterns, has concluded that the number of brute force attacks against WordPress has trebled in recent months and that reports of the attack are accurate.

Irish web hosting provider Spiral Hosting emailed its clients to advise them of the brute force login attacks.

“There is currently a large scale brute force attack coming from a large number of IP addresses spread across the world,” Peter Armstrong, managing director of Spiral Hosting, explained.

“A large botnet has been attempting to break into WordPress websites by continually trying to guess the username and password to get into the WordPress admin dashboard. This is affecting almost every major web hosting company around the world. Our Network Operations Centre (NOC) has detected a significant increase in botnet activity in the last 24 hours.”

Brute force attacks have reached epidemic levels

Armstrong continued: “Brute force attacks have reached epidemic level. Therefore, we have joined other major web hosting providers by advising all our clients who use WordPress to install an additional plugin ‘Limit Login Attempts’ that will help to prevent brute force attacks.”

Armstrong said that it is crucially important that WordPress websites are kept up to date.

“Normal security procedures include regular updates of the WordPress core files, plugins and theme files. In addition to this, we also recommend WordPress administrators change their login username from the default ‘admin’ username, use very secure passwords, and install the ‘Limit Login Attempts’ plugin or other WordPress security plugins.

“Another security risk that WordPress administrators sometimes forget about is inactive themes, installed on their blog but no longer in use. The files for the WordPress themes are still located in the /wp-content/themes/ directory, and even if they’re not being used, they’re still vulnerable to being hacked/exploited if they’re not kept up to date. Therefore, we recommend WordPress administrators delete all WordPress themes except the active theme currently in use on their website,” Armstrong said.
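The attack pattern Armstrong describes, and the per-IP lockout that a plugin such as Limit Login Attempts applies, can both be seen in a web server's access log. The Python script below is an added example, not code from the article, from Spiral Hosting or from the plugin: it parses constructed Apache-style log lines, flags any IP that fails a wp-login.php POST five times inside ten minutes (the threshold and window are assumptions chosen to resemble a typical login-limiting policy), and also reports the site-wide totals, which is the view a per-IP limiter misses when a botnet spreads its guesses across thousands of addresses. It relies on WordPress answering a failed login by re-rendering the form with HTTP 200 and a successful one with a 302 redirect into /wp-admin/; the sample addresses are documentation ranges, not real sources.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample access-log lines in the Apache/nginx "combined" format.
# These are not from any real server; the addresses are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Apr/2013:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:10:00:07 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:10:00:09 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Apr/2013:10:00:11 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Apr/2013:10:01:00 +0000] "GET /wp-login.php HTTP/1.1" 200 3210 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Apr/2013:10:01:20 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Apr/2013:10:01:40 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Apr/2013:10:02:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
192.0.2.45 - - [12/Apr/2013:10:02:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
192.0.2.46 - - [12/Apr/2013:10:02:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3954 "-" "Mozilla/5.0"
"""

# Combined log format: client IP, identity, user, [timestamp], "request", status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Threshold and window are assumptions for this example, chosen to resemble a
# typical "limit login attempts" policy rather than taken from any plugin.
FAILED_LOGIN_THRESHOLD = 5
WINDOW = timedelta(minutes=10)


def parse_line(line):
    """Return (ip, timestamp, method, path, status), or None for a non-matching line."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    path = m.group("path").split("?", 1)[0]  # drop any query string
    return m.group("ip"), ts, m.group("method"), path, int(m.group("status"))


def is_failed_login(method, path, status):
    # A failed wp-login.php POST re-renders the form with HTTP 200; a successful
    # login answers 302. The access log does not carry the POST body, so the
    # username that was tried is not visible here.
    return method == "POST" and path.endswith("/wp-login.php") and status == 200


def failed_logins(lines):
    """Yield (ip, timestamp) for every failed login attempt, in log order."""
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, method, path, status = parsed
        if is_failed_login(method, path, status):
            yield ip, ts


def find_brute_forcers(lines, threshold=FAILED_LOGIN_THRESHOLD, window=WINDOW):
    """Per-IP sliding-window count, as a login limiter would apply it.

    Returns {ip: peak failures inside one window} for IPs that reached the
    threshold. Assumes the log is in chronological order, as access logs are.
    """
    recent = defaultdict(deque)
    flagged = {}
    for ip, ts in failed_logins(lines):
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # expire attempts older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[ip] = max(flagged.get(ip, 0), len(q))
    return flagged


def login_failure_summary(lines):
    """(total failed attempts, distinct source IPs) across the whole log.

    A distributed botnet spreads guesses over many addresses so that each one
    stays below a per-IP threshold; the site-wide numbers still show the attack.
    """
    total = 0
    sources = set()
    for ip, _ in failed_logins(lines):
        total += 1
        sources.add(ip)
    return total, len(sources)


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    print("locked out per IP:", find_brute_forcers(lines))
    print("site-wide (failures, distinct IPs):", login_failure_summary(lines))
```

Run it as-is against the embedded sample, or pass a real access log as `find_brute_forcers(open(path))`. The per-IP view is what a login limiter enforces; in the sample only 203.0.113.7 is locked out, while the three 192.0.2.x hosts each stay under the threshold. The summary is the signal a hosting NOC would alert on, since a botnet the size described above can keep every individual address below any reasonable per-IP lockout.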

Editor John Kennedy is an award winning technology journalist.

editorial@siliconrepublic.com