Patching the Internet in Realtime: Fixing the Current WordPress Brute Force Attack
On April 11, 2013, a significant brute force attack was launched on numerous WordPress blogs across the internet. The attacker targeted administrative portals using the username "admin" and tried thousands of passwords. A botnet with more than tens of thousands of unique IP addresses was used to execute the attack. There is concern that this attack may be building a larger botnet for future, potentially more damaging attacks. CloudFlare has released a rule through its WAF to detect and stop the signature of the attack, providing protection to all its customers, including those on the free plan.
Company
Cloudflare
Date published
April 11, 2013
Author(s)
Matthew Prince
Word count
332
Hacker News points
None found.
Language
English