One of the top stories in the news this month has been the botnet attack currently taking place against WordPress sites. A botnet is endearingly known as a zombie army. It’s a group of internet programs or computers that communicate with each other over the web to carry out a task, typically without the user’s knowledge. In this case, the task is a brute-force attack on WordPress sites.
A brute-force attack is an attempt to log into an account by systematically trying thousands of passwords. A botnet is not necessary to carry out a brute-force attack, but using multiple computers avoids reaching a multiple attempt limit for logins and allows the attacker to try more password combinations. Over 90,000 unique IP addresses have been recorded in this brute-force attack.
The attackers are targeting WordPress websites that use default admin login names. The top five usernames being attempted are “admin,” “test,” “administrator,” “Admin,” and “root.” The top five passwords are “admin,” “123456,” “111111,” “666666,” and “12345678.”
The best way to protect yourself from the botnet attack is to change your username and password to something more unique. Even if you’re not using one of the top five usernames or passwords, thousands of other passwords are being attempted in the botnet attack. So create a complex, hard-to-guess password to keep your site safe. For more safety tips, read our blog post about protecting your website from the botnet attack.
Botnets can carry out malicious actions such as forcing websites offline and carrying out hacking attempts. According to vulnerability expert Olli-Pekka Niemi at the network security vendor Stonesoft, the botnet attackers may carry out further attacks by gaining access to people’s accounts.
She said, “By compromising WordPress blogs, attackers may be able to upload malicious content and embed this into the blog. When readers visit the blogs in question they would then be subject to attack, come under compromise and develop into botnets.”
Right now, the botnet is based on a weak system of home PCs but appears to be attempting to penetrate larger servers. Servers are more effective at using botnets to force websites offline, because they can generate more traffic on those sites to overwhelm them. When a website is bombarded with too much information and crashes, it is called a DDoS (Distributed Denial of Service). All of this means that the threat of a botnet attack hasn’t gone away yet. In fact, it may get worse.
MayeCreate gives tips on how you can protect your website from a botnet attack and takes measures to protect the websites it hosts. For any questions or concerns you have about the protection we provide, contact us.