

Compromised WordPress blogs used in DDoS attack






Poll: What CMS are you using?
Wordpress - 100% [ 2 ]
Joomla - 0% [ 0 ]
Drupal - 0% [ 0 ]
DNN - 0% [ 0 ]
Total Votes : 2

zimmer
Quote:
Thousands of websites using the WordPress platform are being compromised to form a so-called WordPress botnet, a tech site reported Thursday.

A report on The Hacker News said hackers are targeting a "large number" of WordPress websites across the Internet, after compromising 90,000 servers in April 2012.

Citing logs from a recent attack, The Hacker News' Mohit Kumar said one DDoS target's website was attacked by "various compromised Wordpress-based websites."

"(We found the) attacker was able to perform DDOS attack from 569 unique compromised Wordpress blogs. Hacked websites include blogs of Mercury Science and Policy at MIT, National Endowment for the Arts (arts.gov), The Pennsylvania State University and Stevens Institute of Technology," he said.

"This attack is happening at a global level and WordPress instances across hosting providers are being targeted. Since the attack is highly distributed in nature (most of the IP’s used are spoofed), it is very difficult to block all malicious data," he added.

He added an attacker could use a large number of high-performance hosting to build a much larger botnet.

Kumar cited figures from WP WhiteSecurity showing more than 70 percent of WordPress installations are vulnerable to hackers.

"If you are running WordPress sites, now would be a good time to ensure that strong passwords are always used and that your username should be changed from 'admin,'" he said.

"Avoid Obvious Passwords, Scan your computer for viruses, keyloggers, rootkits, and botnet software. Most importantly, Update WordPress and all plugins to the latest versions," he added.


MOD - Quotes added. Material you did not write should be quoted and sourced. Please refer to the forum rules here: http://www.frihost.com/forums/vt-13011.html
- Ankhanu


Report reference - http://www.gmanetwork.com/news/story/328277/scitech/technology/compromised-wordpress-blogs-used-in-ddos-attack
manfer
zimmer wrote:
"Avoid Obvious Passwords, Scan your computer for viruses, keyloggers, rootkits, and botnet software. Most importantly, Update WordPress and all plugins to the latest versions," he added.


The problem is not using WordPress or any other but not doing what is explained in that statement. There is a huge number of people who just install WordPress or another CMS for testing or because someday they decided it must be cool to have their own website, but they don't maintain it. Sometimes because they just lose interest soon and abandon the project, sometimes because they don't have the required knowledge to maintain a site, sometimes because they just don't care, ... It is totally irresponsible to stop maintaining a site, and it can lead to the site being used for illegal activities. It hurts the rest of the members on shared hosting.
deanhills
Agreed. All one has to do is to check out Hacker Forums, and they deliberately target WordPress because of its known vulnerabilities. It's become a fun sport for script kids to hit WordPress blogs. Particularly for beginners as an exercise to find their way into Admin accounts. Great Zimmer is posting it here where everyone can see it, as I don't think that one could ever overstate the vulnerabilities of WordPress. Most of all, to neglect the blog while comments are enabled. Not to upgrade software, and to make blog posts with the Admin Account. Owners need to be vigilant for the comments that are made, particularly when there are disagreements. As the latter can lead to "acts of revenge" in the form of hacking or DDoS'ing. One just can't leave a WordPress Blog unattended.
drjim
deanhills wrote:
Agreed. All one has to do is to check out Hacker Forums, and they deliberately target WordPress because of its known vulnerabilities. It's become a fun sport for script kids to hit WordPress blogs. Particularly for beginners as an exercise to find their way into Admin accounts. Great Zimmer is posting it here where everyone can see it, as I don't think that one could ever overstate the vulnerabilities of WordPress. Most of all, to neglect the blog while comments are enabled. Not to upgrade software, and to make blog posts with the Admin Account. Owners need to be vigilant for the comments that are made, particularly when there are disagreements. As the latter can lead to "acts of revenge" in the form of hacking or DDoS'ing. One just can't leave a WordPress Blog unattended.


it's not just wordpress this applies to either. that goes for any and all popular software. i recall conversing with a hacker some years ago. whenever she would get info on an "exploit" for the current version or a popular version of a program\script\service that has yet to be updated or patched, she would just google and search for websites that have the version the exploit can.. well... exploit, and just hack it for funsies.

quite immature, but it happens nonetheless.
wombatrpgs
drjim wrote:


it's not just wordpress this applies to either. that goes for any and all popular software. i recall conversing with a hacker some years ago. whenever she would get info on an "exploit" for the current version or a popular version of a program\script\service that has yet to be updated or patched, she would just google and search for websites that have the version the exploit can.. well... exploit, and just hack it for funsies.

quite immature, but it happens nonetheless.

Got to stay in practice, I guess.
drjim
yes, and as previously mentioned... keep your software updated. that's one of the most useful tips i can give you to keep your website and computer safe from malicious internet users. it's not just recommended by me either, it's recommended by anyone who knows what they're doing. so do it!
RosenCruz
Yeah I got my WP once hacked too with an index page. This botnet army seems like a scary idea.
grofet
Don't forget to back up all the data of your WordPress site regularly to prevent unrecoverable database loss. Updating the software script once a week, if an update is available, is also a very important thing to do for WordPress users. If you do not want to do that, you should use WordPress managed hosting or move to Blogger for the best protection against DDoS attacks and other hacking methods.
deanhills
While we are at giving tips, one I've found that makes great sense to me, since that seems to be one of the main ways hackers get access to Wordpress sites or Forums, is to change the "Admin" account to a new name. I.e. don't make blog posts with the Admin account for starters. Create another account that is completely neutral and unrecognizable as Admin, maybe starting with the middle of the alphabet and give it Admin power. Then get rid of the Admin account or rename it to something else.

Another tip is to always turn off the "lights" when you go on holiday, i.e. disable comments and registration of accounts. Or if you can't afford to let your Website be inactive, make sure you've got able staff to look after it for you (like at Frihost).

Hackers thrive on Websites that have no activity in them and/or have lots of spam in the comments. It's the equivalent of a label - "hack me please".
harrer
Some simple things like removing admin and hiding obvious information make your WordPress significantly stronger.
Plugins should also be kept in check. Some plugins get sold and new users might be malicious thinkers. So always prefer to use open source plugins.
One last thing, keep it updated.