Wordpress botnet attack could pave way for larger site takedowns

Cyber attack on blogging platform could have far-reaching effects, warn IT security experts.

Blogging

The fallout from the Wordpress cyber attack could have far-reaching repercussions, as security experts fear the perpetrators could seize on compromised accounts to spread malicious material.

The blogging platform has reportedly been hit by a "brute force" attack that targets the Wordpress administration portal and tries to log into accounts with the username "admin" by trying thousands of passwords.

A botnet is thought to have been employed to carry out the attack, as tens of thousands of unique IP address have been recorded trying to hack into Wordpress installs.

Wordpress founder Matt Mullenweg, said admin' had been the default username for many users until the introduction of a newer version of the site several years ago.

"If you still use admin' as a username on your blog, change it, use a strong password, if you're on WP.com turn on two-factor authentication, and make sure you're up-to-date on the latest version of Wordpress," he wrote in a blog post.

"Do this and you'll be ahead of 99 per cent of sites out there and probably never have a problem."

Hosting provider CloudFlare said the attack could pave the way for a larger one later down the line.

"One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack," said the company in a blog post.

"These larger machines can cause much more damage in DDoS (Distributed Denial of Service) attacks because the servers have larger network connections and are capable of generating significant amounts of traffic," it continued.

Olli-Pekka Niemi, vulnerability expert at network security vendor Stonesoft, said the attackers could also gain access to people's accounts to carry out further attacks.

"By compromising Wordpress blogs, attackers may be able to upload malicious content and embed this into the blog. When readers visit the blogs in question they would then be subject to attack, come under compromise and develop into botnets," Niemi warnd.

"Blog writers should use strong passwords to protect their accounts and their users, whom they have a responsibility to protect."

Meanwhile, Matt Middleton-Leal, UK and Ireland regional director security vendor Cyber-Ark, said there is a risk that once cracked these Wordpress login credentials could be used to gain access to other sites.

"If Wordpress users have been targeted in this attack, they should change their username and password details for their Wordpress account, but also for any other accounts for which they use the same credentials," said Middleton-Leal. 

"This is especially critical if the same details are used for work purposes, as protecting these details is essential when it comes to securing what really matters within an organisation."

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

TikTok phishing campaign tried to scam over 125 influencer accounts
social media

TikTok phishing campaign tried to scam over 125 influencer accounts

18 Nov 2021
Smart luggage is not so smart when it comes to cyber security
cyber security

Smart luggage is not so smart when it comes to cyber security

15 Nov 2021
Europol reveals how ransomware gangs are evolving to evade capture
cyber crime

Europol reveals how ransomware gangs are evolving to evade capture

12 Nov 2021
The Okta digital trust index
Whitepaper

The Okta digital trust index

11 Nov 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022