Information Security News
mailing list archives
WordPress Hackers Exploit Username 'Admin'
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 16 Apr 2013 01:09:18 -0500 (CDT)
By Mathew J. Schwartz
April 15, 2013
Attention, WordPress users: If you have a WordPress username set to "admin,"
change it immediately.
That warning was issued Friday by WordPress founder Matt Mullenweg, in the
wake of reports that thousands of WordPress sites with an administrator
username set to "admin" or "Admin" had been compromised via large-scale
brute-force attacks. Service provider HostGator, notably, reported Thursday that
"this attack is well organized and ... very, very distributed; we have seen
over 90,000 IP addresses involved in this attack."
According to survey website W3Techs, approximately 18% of all websites -- by
some estimates, about 64 million sites -- run WordPress.
Successfully exploited sites get a backdoor installed that provides attackers
with ongoing access to the WordPress site, regardless of whether a user
subsequently changes the password guessed by attackers. Exploited sites are
then used to scan for WordPress installations, and launch the same type of
attack against those sites.