Major WordPress Bruteforce attack underway

We are seeing a pattern of brute-force attacks against WordPress sites across the CPHosting network. The attack is coming from distributed IP addresses with no particular range in common. Our initial assessment is that a large botnet is attempting to log in to WordPress sites with different username and password combinations in order to break into users' WordPress installations and post malicious code.

The following image, taken from Apache web logs, shows login attempts from distributed IP addresses spread across multiple IP ranges and net-blocks.

[Image: WordPress Botnet Attack, Apache log excerpt]
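The pattern the log excerpt shows (many unrelated addresses POSTing to wp-login.php, none of them individually noisy) can be picked out of an Apache access log with a small parser. The following is an added example, not CPHosting's tooling or anything from the original post. The log lines are constructed in Apache combined format; the status-code rule it relies on (WordPress re-renders the login form with HTTP 200 after a bad password and answers a correct one with a 302 redirect) is standard WordPress behaviour. It also shows why a per-IP lockout of the kind the Limit Login Attempts plugin mentioned in the comments applies sees little of a distributed attack, and which accounts to review first when a failing address suddenly succeeds.

```python
"""Spot distributed wp-login.php brute forcing in Apache access logs.

Added example, not CPHosting's code. SAMPLE_LOG is constructed: eight
combined-format lines in which five different IPs fail against the login
form inside one minute, one of them later logging in.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime

SAMPLE_LOG = """\
203.0.113.7 - - [11/Apr/2013:10:15:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3985 "-" "Mozilla/5.0"
198.51.100.23 - - [11/Apr/2013:10:15:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3985 "-" "Mozilla/5.0"
192.0.2.45 - - [11/Apr/2013:10:15:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3985 "-" "Mozilla/5.0"
203.0.113.7 - - [11/Apr/2013:10:15:04 +0000] "POST /wp-login.php HTTP/1.1" 200 3985 "-" "Mozilla/5.0"
198.51.100.99 - - [11/Apr/2013:10:15:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3985 "-" "Mozilla/5.0"
192.0.2.200 - - [11/Apr/2013:10:15:06 +0000] "GET /index.php HTTP/1.1" 200 10240 "-" "Mozilla/5.0"
198.51.100.23 - - [11/Apr/2013:10:15:07 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.88 - - [11/Apr/2013:10:15:08 +0000] "POST /wp-login.php HTTP/1.1" 200 3985 "-" "Mozilla/5.0"
"""

# Apache "combined" format: client, identd, user, [timestamp], "request", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Parse one combined-format line; return a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec


def login_posts(lines):
    """Keep only POSTs to wp-login.php, the request a password guess produces."""
    recs = (parse_line(line) for line in lines if line.strip())
    return [r for r in recs
            if r and r["method"] == "POST" and r["path"].split("?")[0] == "/wp-login.php"]


def failed_attempts(lines):
    # A bad password makes WordPress re-render the form with HTTP 200; a good
    # one redirects (302) into wp-admin. So 200 on a login POST is a failed guess.
    return [r for r in login_posts(lines) if r["status"] == 200]


def per_ip_counts(lines):
    """Failed guesses per source address."""
    return Counter(r["ip"] for r in failed_attempts(lines))


def ips_over_threshold(lines, max_failures=4):
    """Single-address view, the way a per-IP lockout plugin sees the traffic."""
    return sorted(ip for ip, n in per_ip_counts(lines).items() if n > max_failures)


def distributed_windows(lines, min_distinct_ips=5):
    """Per-minute view: (minute, distinct IPs, attempts) where many *different*
    addresses fail against the form. This is the botnet signature."""
    buckets = defaultdict(list)
    for r in failed_attempts(lines):
        buckets[r["ts"].replace(second=0)].append(r["ip"])
    return [(minute.strftime("%Y-%m-%d %H:%M"), len(set(ips)), len(ips))
            for minute, ips in sorted(buckets.items())
            if len(set(ips)) >= min_distinct_ips]


def successes_after_failures(lines):
    """Addresses that guessed wrong at least once and then got a 302: the
    accounts they reached should be reviewed and have passwords reset."""
    failed, hits = set(), []
    for r in login_posts(lines):          # log order is preserved
        if r["status"] == 200:
            failed.add(r["ip"])
        elif r["status"] == 302 and r["ip"] in failed and r["ip"] not in hits:
            hits.append(r["ip"])
    return hits


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    print("failed guesses per IP:", dict(per_ip_counts(lines)))
    print("IPs a per-IP lockout (>4 failures) would block:", ips_over_threshold(lines))
    print("minutes with >=5 distinct failing IPs:", distributed_windows(lines))
    print("IPs that failed, then logged in:", successes_after_failures(lines))
```

Run against a real access log with `distributed_windows(open("access_log"))`. On the constructed sample the per-IP lockout blocks nothing (no address exceeds four failures), while the per-minute view flags the minute with five distinct failing addresses, and 198.51.100.23 is reported as an address that failed and then succeeded.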

If your WordPress installation is not current, now is the right time to upgrade it to the latest version and change your admin and author passwords to ones rated at 100 strength. Please read the Wikipedia article on password strength, which explains what password strength is:

“Password strength is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability.”

It is very easy to upgrade a WordPress installation. First take a complete backup of your web site through the control panel, then log in to the admin area of your WordPress installation. Once logged in, click the Updates section in the left navigation bar and update your WordPress installation, plugins and themes to the latest version. We at CPHosting specialise in WordPress and also provide a WordPress upgrade service for a minor fee. Please contact the support team for a quote.

We at CPHosting are working closely with our clients and security experts to keep this attack under control. Please feel free to contact the support team with any further queries you may have.

9 thoughts on “Major WordPress Bruteforce attack underway”

  1. Just received an email from you, Mahinder. I am running WordPress 3.5.1. Do I still need to worry about this attack?

    1. Hi David,

      WordPress 3.5.1 is the latest WordPress version. However, please make sure all plugins and themes on your web site are also up to date with the latest secure version. Also, you may reset the admin password to something very difficult and hard to crack, like this


    1. The upgrade will not affect the bandwidth limit for your web site; however, your account backup will use some disk space. Please note that at present we do not back up accounts that are larger than 15GB in size.

      Mike Foster.
      CPHosting Team.

  2. I was seeing heavy failed logins (I run Limit Login Attempts on all WP sites and it’s been blocking a ton of addresses the last few days).

