Username “Admin” WordPress Sites Targeted By Brute-Force Hackers
Users are advised to change their usernames from the default and have strong passwords.
WordPress founder Matt Mullenweg issued a warning Friday about hackers infiltrating accounts with the username set to the default “admin.” Several large-scale, well organized brute force attacks successfully hacked into an unknown number of WordPress sites with administrator usernames of “admin” or “Admin.” Once hacked, a backdoor is installed, allowing the attackers to access the site even after the password has been changed. They have seen the number of brute-force attacks nearly triple in the last few days, reaching upwards of 100,000 attempts per day.
The best solution is to change the targeted username. Not only “admin,” but also “administrator,” “test,” and “root” are susceptible to being targeted by the attackers. In addition to these changes, Mullenweb advises users to maintain strong passwords, implement two-factor authorization, and make sure WordPress is up to date.
Original article by Mathew J. Schwartz.
Read the full story here.
Leave a comment
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more
We’re pretty proud of Dan’s predictive prowess and can’t resist taking another look a Read more
Great Resources For User Awareness An article review. We at infotex take great pride Read more
As the cryptocurrency gains users, some financial organizations are cracking down. An Read more