Global attack on Wordpress installations underway

[logistopath]

A large distributed brute force attack against WordPress sites is understood to be occurring. A large botnet with more than 90,000 servers is attempting to log in by cycling through different usernames and passwords.
A study of various attack patterns has led to security software firm Sucuri concluding that the number of brute force attacks against WordPress has tribled in recent months and that reports of attacks are accurate.
Irish web hosting provider Spiral Hosting emailed its clients to advise them of the brute force login attacks.
“There is currently a large scale brute force attack coming from a large amount of IP addresses spread across the world,” Peter Armstrong, managing director of Spiral Hosting explained.
“A large botnet has been attempting to break into WordPress websites by continually trying to guess the username and password to get into the WordPress admin dashboard. This is affecting almost every major web hosting company around the world. Our Network Operations Centre (NOC) has detected a significant increase in botnet activity in the last 24 hours.”
.
.
.

Source

 

[logistopath]

Got a mail with similar info from my web host too.. Not too sure what the effects will be, but changed the admin passwords to something more secure for now.

 

[6pack]

whats there to get by hacking wordpress sites anyway? i mean most are just personal blogs and such stuff.

 

[blkrb0t]

whats there to get by hacking wordpress sites anyway? i mean most are just personal blogs and such stuff.

Since Wordpress is the most used CMS, it makes sense to attack it. All the compromised websites can then be used to distribute malware.