Massive attack, aimed at creating a botnet of websites using WordPress discovered
The last few days in an intense web Brute Force attacks against password guessing accounts for the site based on the engine of free WordPress. Attack is massive and organized using a large botnet.
Became subject to attack sites are checked under a login entry "admin" through the pages / wp-login.php and / wp-admin with about thousands of the most popular passwords. If the selection of the password was successful in WordPress engine introduced backdoor that connects hacked site of the botnet and retains control even after the password change. Struck by the host begins to participate in Brute Force attack to identify other victims, but also can receive commands and perform other actions that are typical of botnets, such as the commission of DDoS-attacks. The current size of the botnet WordPress servers already estimated at more than 90,000 hosts.
