Websites Under Attack – Arbor Networks Exposes Huge BruteForcing Campaign as Cso Reveals The Scale of The Attacks
Two internet security organizations Arbor Networks Exposes Huge BruteForcing Campaign that has been going on since April where highly skilled hackers have been infecting computers then using them to attack websites that run on WordPress, Joomla and Datalife Engine platforms.
What these hackers are doing is something called a bruteforce attack where the hacker targets the administrator password of a domain with the aim of getting into the site and carrying out his malicious intentions. These attacks work by guessing typical passwords until the hacker gains access.
The hackers are also getting sharper by making PHP shell files that are designed to look like WordPress or Joomla add-ons which they upload on sites and use to gain control of webservers.
According to Arbor Networks, the hackers left a trail when they included hardcoded command and control addresses which allowed Arbor to follow the trail and gain access to information on the attacks. What arbor found is that there were over 25,000 windows computers that had been infected by the hackers and that were being used to attack over 6,000 domains mainly in Russia and Ukraine.
CSO discovered that the attacks are spreading, with domains in other countries getting attacked and it is just unfortunate that the hackers discovered their trail and fixed it. There is no way of knowing the exact scale of the attacks now.
Presently, the only people likely to be affected by this attack are people who work on sites which use Joomla, Wordpres or Datalife Engine. Now, it’s good to note that a majority of the sites on earth run on a WordPress platform. This means that this attack should not be taken lightly.
Unfortunately, there is not a lot that can be done in a case like this. While VPN is good for internet security and anonymity – especially if you are using a cutting edge market leader HideMyAss (review here), it cannot help in this case. For this, you will have to change your passwords and log in details so that you accounts are safe from brute-forcing. Good passwords include letters, numbers and special characters.