Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
Editor's Blog and Industry Comments

Wordpress admin accounts attacked by botnet

16 April, 2013
Blogging software users have come under attack from a botnet aimed at admin accounts with trivial passwords


Targeting accounts with popular usernames such as admin or user, the botnet launched a brute force attack bombarding sites with dictionary derived password attempts thus gaining access to many which had been set up with trivial credentials. Accessed sites then gave cyber criminals the means to compromise the site and in some cases to access other domains.



The botnet strike has once again highlighted the need to use strong passwords and not to share the passwords across domains or accounts.



According to Matt Middleton-Leal of Cyber-Ark, “Common usernames and weak passwords are extremely risky online, however, the dangers are compounded if users re-use the same login credentials for other sites."



“It’s particularly concerning that so many accounts use these generic login details, particularly if these credentials are shared amongst multiple employees for business use.  Administrator accounts often have the widest access within an organisation’s network and if these accounts are compromised, hackers can effectively have the same capabilities as IT administrators with unlimited access within the business."



“If Wordpress users have been targeted in this attack", Matt continued, "they should immediately seek to change their username and password details for their Wordpress account, but also for any other accounts for which they use the same credentials."



The risks also extend to users of the Wordpress site that has been compromised, as explained by Olli-Pekka Niema, Stonesoft's vulnerability expert. He said, “A concern of this attack is that by compromising WordPress blogs attackers may be able to upload malicious content and embed this into the blog. When readers visit the blogs in question they would be then be subject to attack, come under compromise and develop into botnets. The attacks against the word press blogs seem to be distributed, with automated attacks coming from multiple sources. This indicates that a botnet is performing these attacks. Blog writers should use strong passwords to protect their accounts and in the end, their users, to whom they have a responsibility to help protect.”


Bookmark and Share