WordPress has been attacked by a botnet of "tens of thousands" of individual computers since last week, according to server hosting companies Cloudflare and HostGator.
The botnet targets WordPress users with the username "admin", trying thousands of possible passwords against that account.
The attack began a week after WordPress strengthened its security with an optional two-step authentication log-in option.
The site currently powers 64m websites read by 371m people each month.
According to survey website W3Techs, around 17% of the world's websites are powered by WordPress.
"Here's what I would recommend: If you still use 'admin' as a username on your blog, change it, use a strong password," wrote WordPress founder Matt Mullenweg on his blog.
He also advised adopting two-step authentication, which involves a personalised "secret number" allocated to users in addition to a username and password, and ensuring that the latest version of WordPress is installed.
"Most other advice isn't great - supposedly this botnet has more than 90,000 IP addresses, so an IP-limiting or login-throttling plugin isn't going to be great (they could try from a different IP [address] a second for 24 hours)," Mr Mullenweg added.
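The point Mr Mullenweg makes above (a per-IP throttle never trips when each of 90,000 addresses only tries once) is easier to see on a log. The following is an added example, not code from the article or from WordPress: it parses constructed failed-login lines (WordPress does not log failed logins in this format by default; the format is assumed here) and contrasts a per-IP count, which stays silent, with a per-account count of distinct source IPs, which flags the "admin" account.

```python
# Added example: per-IP throttling versus per-account detection of a
# distributed password-guessing campaign. Log format is constructed.
from collections import Counter, defaultdict
import re

# Constructed sample: every attacking IP tries "admin" at most once or twice,
# so no single IP ever looks abusive on its own.
SAMPLE_LOG = """\
2013-04-12T10:00:01Z FAIL user=admin ip=198.51.100.7
2013-04-12T10:00:02Z FAIL user=admin ip=198.51.100.8
2013-04-12T10:00:02Z FAIL user=admin ip=203.0.113.5
2013-04-12T10:00:03Z FAIL user=admin ip=203.0.113.9
2013-04-12T10:00:04Z FAIL user=admin ip=192.0.2.44
2013-04-12T10:00:05Z FAIL user=admin ip=192.0.2.45
2013-04-12T10:00:06Z FAIL user=editor ip=192.0.2.45
2013-04-12T10:00:07Z OK   user=editor ip=192.0.2.45
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<result>FAIL|OK)\s+user=(?P<user>\S+) ip=(?P<ip>\S+)$"
)

def parse_failures(log):
    """Yield (user, ip) for each failed login line; unparseable lines are skipped."""
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("result") == "FAIL":
            yield m.group("user"), m.group("ip")

def per_ip_offenders(log, threshold=5):
    """Classic per-IP throttling: source IPs with at least `threshold` failures."""
    counts = Counter(ip for _, ip in parse_failures(log))
    return {ip for ip, n in counts.items() if n >= threshold}

def per_account_offenders(log, threshold=5):
    """Per-account view: usernames failed against from at least `threshold` distinct IPs."""
    ips_by_user = defaultdict(set)
    for user, ip in parse_failures(log):
        ips_by_user[user].add(ip)
    return {user: len(ips) for user, ips in ips_by_user.items() if len(ips) >= threshold}

if __name__ == "__main__":
    print("per-IP offenders:", per_ip_offenders(SAMPLE_LOG))            # set()
    print("per-account offenders:", per_account_offenders(SAMPLE_LOG))  # {'admin': 6}
```

The per-account signal is what justifies the advice in the article: renaming "admin" removes the one username every bot is aiming at, and a strong password or second factor makes the remaining guesses fail regardless of how many IPs they arrive from.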
Matthew Prince, Chief Executive and co-founder of Cloudflare, said that the aim of the attack may have been to build a stronger botnet.
"One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack," he wrote in a blog post.
"These larger machines can cause much more damage in DDoS [Distributed Denial of Service] attacks because the servers have large network connections and are capable of generating significant amounts of traffic," he added.
bbc.co.uk