About Us | Contact Us
View Cart

Username “Admin” WordPress Sites Targeted By Brute-Force Hackers

By Vigilize | Thursday, April 18, 2013 - Leave a Comment

Users are advised to change their usernames from the default and have strong passwords.

WordPress founder Matt Mullenweg issued a warning Friday about hackers infiltrating accounts with the username set to the default “admin.” Several large-scale, well organized brute force attacks successfully hacked into an unknown number of WordPress sites with administrator usernames of “admin” or “Admin.” Once hacked, a backdoor is installed, allowing the attackers to access the site even after the password has been changed. They have seen the number of brute-force attacks nearly triple in the last few days, reaching upwards of 100,000 attempts per day.

The best solution is to change the targeted username. Not only “admin,” but also “administrator,” “test,” and “root” are susceptible to being targeted by the attackers. In addition to these changes, Mullenweb advises users to maintain strong passwords, implement two-factor authorization, and make sure WordPress is up to date.

Original article by Mathew J. Schwartz.
Read the full story here.

Leave a comment


(required) [will not be published]

Solve this Captcha * Time limit is exhausted. Please reload CAPTCHA.

Latest News