After analyzing the piece of a DDOS attack Log file from timing 23/Sep/2013:13:03:13 +0200 to 23/Sep/2013:13:02:47 +0200, we found that in 26 second attacker was able to perform DDOS attack from 569 unique compromised WordPress blogs. Hacked websites include blogs of Mercury Science and Policy at MIT, National Endowment for the Arts (arts.gov), The Pennsylvania State University and Stevens Institute
According to the statistics recently published by WP WhiteSecurity, more than 70% of WordPress installations are vulnerable to hackers out of the World’s Top 1 Million websites having a WordPress installed.
From the table above you can determine that at least 30,823 WordPress websites out of 42,106 are vulnerable to exploitable vulnerabilities, which can be detected using free automated vulnerability assessment tools.
Also in August, 2012 Researchers at Arbor Networks have uncovered a botnet called Fort Disco that was used to compromise more than 6000 websites based on popular CMSs such as WordPress, Joomla and Datalife Engine.
If you are running WordPress sites, now would be a good time to ensure that strong passwords are always used and that your username should be changed from “admin”.
Avoid Obvious Passwords, Scan your computer for viruses, keyloggers, rootkits, and botnet software. Most importantly, Update WordPress and all plugins to the latest versions.
Keep Rocking…. 😀
Author : Ashu Singh