Massive Attack on WordPress Sites by Hackers Reported
Apr 13, 2013 10:41 PM EDT
WordPress, one of the largest blogging platforms in the world, has been hacked again by the hackers. Unidentified hackers aim was to capture and retrieve login credentials for accounts that work at administrator levels.
The owners with the user name "admin" are the most susceptile target from this latest attack. The hackers used botnet virus to implement this attack.
Hackers tried out logins such as "admin" and then trying out massive amount of commonly-used passwords to attempt to match the password.
The founder of WordPress Matt Mullenweg has suggested that all those who use “admin" as their username should change their user name along with setting up more complicated password that are difficult to guess for the hackers. Users can further protect their login by activating two factor authentication feature that are already available at WordPress.
“Here’s what I would recommend: If you still use ‘admin’ as a username on your blog, change it, use a strong password, if you’re on WP.com turn on two-factor authentication, and of course make sure you’re up-to-date on the latest version of WordPress. Do this and you’ll be ahead of 99% of sites out there and probably never have a problem.”said Matt Mullenweg.
Hacked sites will result in lagging back-end speed or not being able to log in.
There was no mention of the attack on the WordPress blog or its Twitter account Friday evening.
WordPress is a free and open source blogging tool and a content management system (CMS) based on PHP and MySQL. WordPress is currently the most popular blogging system in use on the Web, powering over 60 million websites worldwide.