Just received from a friend:
There is an on going and highly distributed, global attack on WordPress installations at every known web host to crack open admin accounts and inject various malicious scripts.
In a detailed analysis of the attack pattern it was found out that most of the attack was originating from CMSs (mostly wordpress). Further analysis revealed that the “admin” accounts had been compromised (in one form or the other) and malicious scripts were uploaded into the directories.
Today, this attack is happening at a global level and wordpress instances across hosting providers are being targeted. Since the attack is highly distributed in nature (most of the IP’s used are spoofed), it is making it difficult for us to block all malicious data.
This is the reason why some servers have gone down in recent days.
To ensure that your websites are secure and safeguarded from this attack, we recommend the following steps:
I’ve heard about sites bending under the load, having admin panels disabled, and/or passwords cracked. Can’t recommend highly enough that anyone with a WordPress blog follow these instructions. At the very least, do a site backup, because I speak from experience when I say that failure to do that will cause you a lot of grief down the road.
- Divide and Conquer: A Cautionary Tale
- Instant celebrity, courtesy of Twitter’s stupid identity policies