Word Press under attack

**Citizen X** · 13-Apr-13, 07:06 PM

Hi Hermes14,

Please tell me, what joy or benefit do these characters derive from what they do? Why do they engage in such activity?

**Hermes14** · 14-Apr-13, 12:16 PM

This definitely looks like the work of anonymous to me.
There can be a thousand & one reasons why they would do something like.
I once asked the same question to a person who had contacts in anonymous & she said because they can.
I know it doesn’t sound like a valid reason but that is the one I got.
I personally believe their reasons are more politically & power orientated.
From what I have heard back in 2003 the FBI managed to infiltrate them by posing as one of them & a few of them got arrested.
Since then they have become more discrete & have been harder to identify.

Imagine if you could control every computer in the world both online & offline how powerful you would be.

Service agence web sur Reims - anonyops.com

http://www.anonyops.com/

Anonymous (hacker group) - Wikipedia

http://en.wikipedia.org/wiki/Anonymous_(group)

**AndyD** · 14-Apr-13, 01:00 PM

Originally posted by Hermes14

Although they say these attackers are unknown, it looks like the work of Anonymous.

Originally posted by Hermes14

This definitely looks like the work of anonymous to me.

I doubt it, not really their modus operandi, the majority of anon attacks are DDoS and not brute force hacks, they're also more focussed.

**Hermes14** · 15-Apr-13, 07:54 AM

Originally posted by AndyD

I doubt it, not really their modus operandi, the majority of anon attacks are DDoS and not brute force hacks, they're also more focussed.

What do you think the motive for the attack could be?

**AndyD** · 15-Apr-13, 09:17 AM

To be honest I wouldn't have a clue. It's possibly someone with a political/social/religious agenda that has an existing botnet and is tying to expand it but brute force attacks like this are very high profile and as such would receive a lot of unwanted attention so that theory is a long shot. Otherwise it's probably just a traditional hacking group making a name for itself. Never underestimate what can be achieved by a few script-kiddies with laptops and an internet connection in their bedroom.

**HR Solutions** · 15-Apr-13, 09:54 AM

How would this affect some of us that are looking at a guy setting up a word press website ? And would you know if a wordpress website is any good ??

**solweb** · 15-Apr-13, 01:43 PM

Originally posted by HR Solutions

How would this affect some of us that are looking at a guy setting up a word press website ? And would you know if a wordpress website is any good ??

Wordpress releases security updates as soon as a problem occurs. Make sure you update as soon as a new version is avail - same for your themes and plugins. Use a reliable host - you have MWEB and Hetzner locally and the one I recommend is HostGator in the US.

Wordpress is still the most popular Contenet Managemnent System availble - very robust but simple to use.

**HR Solutions** · 15-Apr-13, 04:10 PM

Thank you solweb for your input

**Dave A** · 15-Apr-13, 07:47 PM

Originally posted by Hermes14

What do you think the motive for the attack could be?

There are so many things you can do when you hack a web domain compared to a pc...

When it comes to sending spam emails, you might pick up a volume or white label advantage when you've compromised a server rather than a pc, but here's an example of the sort of mischief you can get up to with a server or domain hosting account that isn't an option with pc's.

Targetting Wordpress sites makes a lot of sense because there's a much higher chance the real user is less tech savvy than those using more complex scripts, and accordingly is less likely to spot their domain has been compromised.

**AndyD** · 15-Apr-13, 11:47 PM

I actually wondered if this could be linked to the spamhaus attack that's been going on and I agree that hitting Wordpress servers would have a higher sucess rate that most.

**Mitos** · 16-Apr-13, 12:15 PM

The info I read up on this is that WordPress sites with the "Admin" user login name selected is most likely to be hit!

**solweb** · 17-Apr-13, 06:58 AM

Originally posted by Mitos

The info I read up on this is that WordPress sites with the "Admin" user login name selected is most likely to be hit!

Using Admin as the user name already makes your friendly neighbourhood hacker's job easier - now he only has to figure out the password - like "God" or "1234"

Use a Password Manager to generate passwords http://www.keepassx.org/ and use differant user names for differant projects

**Hermes14** · 18-Apr-13, 11:09 AM

Is there a way to block anyone using an anonymizer for visiting your site?

**Dave A** · 18-Apr-13, 07:58 PM

Yeah - with IP blocking. The trouble is any IP list of non-transparent proxies will get out of date in no time (and abusers of anonymous browsing are on the bleeding edge, of course).

What platform are you using?
Why do you want to block them? (ie what nuisance are they causing?)

Knowing that might jut help me make a more useful suggestion. There are many ways to skin a cat.

Word Press under attack

Word Press under attack

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment