It seems like hackers have been in the news a lot since the New Year, with PayPal, Evernote and the Government websites all under attack. It’s not even been a month since CloudFlare’s report of the biggest attack in history. The most recent string of attacks are on WordPress websites and it has led to many people being locked out of the admin panel of their accounts.
What Is WordPress?
For those unfamiliar with WordPress, it is a content management system. There are two versions, WordPress.com (the free version) and WordPress.org, that give you the framework for creating your own blog or website. WP is one of the most popular open source programs available, with 64 million blogs and websites developed and run through it.
The WordPress system allows people to create their own websites without having to hire a professional developer; is cheaper and is easier to maintain
WordPress Attacks: How Are They Happening?
According to both Hostgator and CloudFlare, the attacks have been ongoing for the past few weeks. They started off slow and died off but then the attackers came back with a vengeance. The attacks are happening through brute-force methods with the use of botnets. The idea is to break into the admin panel to take full control of a website.
The hackers are breaking into those with weak passwords, using the “admin” username, and so far around 90,000 IP addresses have been used to attack the websites. It is difficult to pinpoint the source of the attack or even determine the number of hackers.
This type of attack is actually one of the least sophisticated seen in recent months. Unlike many of the others, no group or individual has stepped forward to admit to the attacks (Anonymous, admitted to the attacks on the Government websites) and there is no clear motive except to get control of the websites.
While unsophisticated, brute force attacks are among the most common attacks and WordPress websites are under threat daily – this is just the largest level of attacks we’ve seen at one time.
A Potential Development of the Attacks
CloudFlare are currently reporting that the brute force hacking attempts could develop into a different type. At the moment, the attacks are on the admin panel – but it is possible for hackers to guess the username of others by looking at those who offer the most amount of content on a site. CloudFlare and other hosting websites are keeping an eye out for such a possibility and warning their customers.
No comments:
Post a Comment