TECH

Wordpress Attacked By Botnet In Massive DDoS Onslaught

15/04/2013 13:47 BST

Blog hosting website Wordpress has come under attack from a botnet comprising "tens of thousands" of computers.

The attack is targeted at users of the website who still use the default "admin" username.

It then tries thousands of common password combinations in an attempt to break in.

wordpress botnet

The attack has been happening since last week

Wordpress founder, Matt Mullenweg, gave advice on how users could protect themselves.:

Writing on his blog he said: "Here’s what I would recommend: If you still use “admin” as a username on your blog, change it, use a strong password, if you’re on WP.com turn on two-factor authentication, and of course make sure you’re up-to-date on the latest version of WordPress.

"Do this and you’ll be ahead of 99% of sites out there and probably never have a problem. Most other advice isn’t great — supposedly this botnet has over 90,000 IP addresses, so an IP limiting or login throttling plugin isn’t going to be great (they could try from a different IP a second for 24 hours)."

Wordpress powers 64 million websites worldwide and is the interent's most popular blogging website, with its users posts read by 371 million people each month.

Botnets are collections of internet programs that communicate with each other across the web in order to carry out a set task.

Whilst most are legitimate many are used in order to carry out denial of service attacks where a website is bombarded with information requests to the point it cannot deal with normal traffic, often crashing entirely.

Computers can be co-opted into being part of a botnet without the user even knowing, usually through downloading malicious software.

Tech commentators raised concerns the attack could just be the build-up for something bigger.

Writing on his blog, Matthew Prince, Chief Executive of Cloudflare said: "One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack.

"These larger machines can cause much more damage in DDoS attacks because the servers have large network connections and are capable of generating significant amounts of traffic.

"This is a similar tactic that was used to build the so-called itsoknoproblembro/Brobot botnet which, in the Fall of 2012, was behind the large attacks on US financial institutions."