http://securitywatch.pcmag.com/security/310350-wordpress-joomla-sites-under-brute-force-password-attack
Thousands of WordPress and Joomla sites are currently under attack by a large botnet brute-forcing passwords. Administrators need to make sure they have strong passwords and unique usernames for their WordPress and Joomla installations.
The attack looks for common account names, such as "admin," on the site and systematically tries common passwords in order to break into the account.
Administrators don't want someone breaking in and getting access to their sites, as that attacker could deface the site or embed malicious code to infect other people with malware. However, the organized nature of the attack and its large-scale operation imply even more sinister goals. It appears likely the attackers are attempting to get a foothold onto the server so that they can figure out a way to take over the entire machine. Web servers are generally more powerful and have bigger bandwidth pipes than home computers, making them attractive targets.
The attack volume is a hint at the botnet's size. HostGator estimated at least 90,000 computers are involved in this attack, and CloudFlare believes "more than tens of thousands of unique IP addresses" are being used.
A botnet is made up of compromised computers receiving instructions from one or more centralized command-and-control servers and executing those commands. For the most part, these computers have been infected with some kind of malware and the user is not even aware that the attackers are controlling the machines.
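Because the attempts come from tens of thousands of addresses, a per-IP failed-login threshold may never trip; counting distinct client IPs per login endpoint and time window does. The sketch below is an added example, not part of the original article: it assumes combined-format access logs, the default login paths `/wp-login.php` (WordPress) and `/administrator/index.php` (Joomla), and illustrative thresholds, and it runs on constructed log lines.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timezone

# POSTs to the default WordPress / Joomla login endpoints (assumed paths).
LOGIN_POST = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"POST (?P<path>/wp-login\.php|/administrator/index\.php)(?=[ ?])[^"]*"'
)

# Constructed sample lines (documentation IP ranges): eight clients, one POST each.
SAMPLE_LOG = [
    f'198.51.100.{i} - - [01/Jan/2024:10:0{i % 5}:1{i % 6} +0000] '
    '"POST /wp-login.php HTTP/1.1" 200 3120'
    for i in range(1, 9)
] + [
    '203.0.113.7 - - [01/Jan/2024:10:02:44 +0000] "GET /wp-login.php HTTP/1.1" 200 2890',
    '203.0.113.9 - - [01/Jan/2024:10:03:05 +0000] "POST /administrator/index.php HTTP/1.1" 303 0',
]

def find_distributed_bursts(lines, window_s=300, min_ips=5):
    """Flag (endpoint, time window) pairs hit by many distinct client IPs."""
    buckets = defaultdict(Counter)  # (path, window start) -> POSTs per IP
    for line in lines:
        m = LOGIN_POST.match(line)
        if not m:
            continue  # not a login POST (e.g. a GET of the login form)
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        epoch = int(ts.timestamp())
        buckets[(m["path"], epoch - epoch % window_s)][m["ip"]] += 1
    alerts = []
    for (path, start), per_ip in sorted(buckets.items()):
        if len(per_ip) >= min_ips:
            alerts.append({
                "path": path,
                "window_start": datetime.fromtimestamp(start, timezone.utc),
                "distinct_ips": len(per_ip),
                "posts": sum(per_ip.values()),
                # Low value here is why per-IP lockouts miss the burst.
                "max_per_ip": max(per_ip.values()),
            })
    return alerts

if __name__ == "__main__":
    for alert in find_distributed_bursts(SAMPLE_LOG):
        print(alert)
```
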