WordPress Attacked by Botnet

Own a WordPress site? Had trouble with it this last week? Well you’re not the only one. A botnet had been configured to target the default user that is created anytime a WordPress site is set up.

A botnet is a network of computers that have previously been infected with a virus. This virus gains control of the computer it has infected but doesn’t always set to work straight away. The virus infects multiple computers until it has a network of computers large enough for the users intent. The user can then control all of these computers and instruct them to do their bidding, in this case targeting WordPress sites.

The scale of this attack comes down to the basic install of a WordPress site. WordPress is a Content Management System (CMS) that utilises a username and password to enable someone to log in to the site and make any changes they want. Throughout the default install of WordPress the user name that is suggested to everyone is “admin”. This is what has been targeted and due to the large amount of WordPress sites out there (upwards of 64m) it wouldn’t be surprising if one of your websites was hit.

There are however several ways you can guard against this:

> Change your username from “Admin”. Make it personal to yourself and use a strong password, at least two capital letters, numbers and punctuation.

> Enable “Two Step Authentication”. This assigns a secret number to every user of the site and if you don’t know the secret number, you won’t be getting in.

Hopefully your site hasn’t been compromised and you can take these steps to further safeguard your website.

One of the concerns also raised after this attack is that the WordPress websites weren’t the primary target of the assault. Experts fear that this botnet was predominantly comprised of  home computers that are relatively weak machines and that they were actually targeting servers to infect with virus’. As servers are a lot more powerful than regular computers they can process much larger amounts of traffic at a time.

Which is where the real threat lies.

Have you been affected by this?

Blog Post by Greg McVey writing for Net66