WordPress hit by massive botnet: Worse to come, experts warn

Summary: A massive botnet of tens of thousands of machines is attempting to hack into weakly password-protected "admin" accounts on the popular blogging platform.

Blogging and website platform WordPress has been hit by a massive botnet of tens of thousands of computers, but it could be just the surface of a wider, larger attack.

WordPress.com home page. Image: Screenshot by Zack Whittaker/ZDNet

The performance and security firm CloudFlare warned in a blog post today that the unknown attacker is using a "relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack," suggesting a calm before a heavier storm.

The botnet is attempting a "brute force" attack on WordPress websites, trying the username "admin" with thousands of different passwords. The botnet of machines — often individual machines infected with malware and directed to hit target servers and websites with vast amounts of data — is being used to hack web-based WordPress installations.

This botnet channels some bandwidth from individual computers infected with malware, which en masse can overload servers. Typically, this kind of attack is used either by willing participants to cause a distributed denial-of-service (DDoS) attack against websites to force them offline, or by "slave" computers that can be used to carry out hacking attempts.

It comes only a week after WordPress enhanced user security by rolling out an optional two-factor authentication system.

WordPress founder Matt Mullenweg criticized those who were offering "solutions" to the problem, such as CloudFlare, and instead suggested that users change default usernames as an additional step to protect their WordPress accounts.

"If you still use 'admin' as a username on your blog, change it, use a strong password, if you're on WordPress.com turn on two-factor authentication, and of course make sure you’re up-to-date on the latest version of WordPress," he said.

"Do this and you’ll be ahead of 99 percent of sites out there and probably never have a problem."

WordPress, which has around 64 million individual blogs and websites with more than 370 million readers each month, remains a large target for hackers. Alexa ranks the blogging network as the 21st most visited site in the world.
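
The attack pattern described above, with many machines each trying a few passwords against "admin", stays under a per-IP lockout threshold, so detection has to count distinct sources per targeted account. This is an added example, not code from the article, WordPress or CloudFlare; the log format, thresholds and function names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in an assumed format: "<ISO time> <source IP> <username> <OK|FAIL>".
# 40 bots make 2 guesses each against "admin"; one real user mistypes 3 times.
T0 = datetime(2013, 4, 15, 11, 0, 0)
SAMPLE = [f"{(T0 + timedelta(seconds=i)).isoformat()} 203.0.113.{i % 40 + 1} admin FAIL"
          for i in range(80)]
SAMPLE += [f"{(T0 + timedelta(seconds=90 + i)).isoformat()} 198.51.100.7 alice FAIL"
           for i in range(3)]
SAMPLE.append(f"{(T0 + timedelta(seconds=95)).isoformat()} 198.51.100.7 alice OK")

def parse(line):
    ts, ip, user, result = line.split()
    return datetime.fromisoformat(ts), ip, user, result

def per_ip_offenders(lines, max_failures=5):
    """Classic per-IP lockout: sources with more than max_failures failed logins."""
    counts = defaultdict(int)
    for _, ip, _, result in map(parse, lines):
        if result == "FAIL":
            counts[ip] += 1
    return {ip for ip, n in counts.items() if n > max_failures}

def targeted_accounts(lines, window=timedelta(minutes=5), min_sources=20):
    """Accounts whose failed logins came from >= min_sources distinct IPs
    inside a sliding window. Returns {username: peak distinct sources}."""
    recent = defaultdict(deque)  # username -> (time, ip) failures still in window
    flagged = {}
    for ts, ip, user, result in sorted(map(parse, lines)):
        if result != "FAIL":
            continue
        q = recent[user]
        q.append((ts, ip))
        while ts - q[0][0] > window:  # drop failures older than the window
            q.popleft()
        sources = len({src for _, src in q})
        if sources >= min_sources:
            flagged[user] = max(flagged.get(user, 0), sources)
    return flagged

if __name__ == "__main__":
    print("per-IP lockout catches:", per_ip_offenders(SAMPLE))
    print("per-account view flags:", targeted_accounts(SAMPLE))
```

On the sample, the per-IP check catches nothing while the per-account check flags "admin" with 40 distinct sources; the single user mistyping a password is not flagged by either.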


About

Zack Whittaker writes for ZDNet, CNET, and CBS News. He is based in New York City.
