Huge Botnet Attack Targets WordPress Sites

Dennis Faas's picture

Hackers have reportedly initiated a widespread attack on sites that use the WordPress publishing platform. Hosts using particularly weak passwords are being told to change those passwords or risk having their sites taken over.

The hacking campaign reportedly uses a "brute force" strategy, meaning hackers use the login name "admin" and then try thousands of typical passwords to bypass security.

Hackers Hoping to Create a "Beefy" Botnet

The goal, according to security experts, is to build a huge and powerful botnet.

"One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack," security company CloudFlare recently noted on its website.

Security firms have indicated that, once a system's security is bypassed, hackers then install malicious software that gives them remote control of the affected system. (Source:

Once a system is infected, it can be used to help expand a growing botnet that can carry out more attacks on more sites.

"The infected sites then are conscripted into the attacking server botnet, and forced to launch password-guessing attacks against other sites running WordPress," noted security firm Incapsula. (Source:

Imagine Star Trek's Borg extending their reach across the universe, one planet at a time!

Change Your Password Now, Security Experts Insist

So far, an estimated 90,000 IP addresses have been involved in the attack. It's possible that those systems which are infected could be used to shut down sites at a later date, and not just to expand the hackers' growing botnet. (Source:

Security experts are warning anyone with a WordPress site or account to immediately update their passwords. Better still, users should pick a password that will be virtually impossible to guess.

Think your system might be infected? Reports indicate that symptoms include slow performance and the inability to log into a WordPress account. Infected WordPress-based sites may also be inaccessible to visitors for a short time.

Rate this article: 
No votes yet