WordPress blog under online attack

Wordpress under online attackWordPress blog has come under attack from unidentified hackers.The hackers are attacking the WordPress blog and hosts using weak passwords on a large scale. The attack is using brute force to get the passwords for the commonly used login name “admin”.

Cloudfare posted

One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack

Krebs On Security reported about 90,000 web servers are being used  for

online attacks designed to break into poorly-secured WordPress blogs is fueling the growth of an unusually powerful botnet .

The infected sites will be seeded with a backdoor that allows the attackers to control the site remotely .The infected site will be used as a botnet to run a brute force attack against other sites running WordPress reports Incapsula on Kebs On Security.

Host Gator posted

As I type these words, there is an on-going and highly-distributed, global attack on WordPress installations across virtually every web host in existence

WordPress is one of the most popular blogging websites but the security of the WordPress was always considered weak in terms of authentication. Many users keep the default username i.e admin,  making it easy for attackers to brute force the WordPress sites. To keep your site secure, change the password of your site and include the combination of numbers ,letters with special characters for a new password.

Source Cloudfare,HostGator,KrebsOnSecurity