The seedy underbelly of the Internet is at it again. This time, their target is WordPress, with the aim of taking control over such websites for the proliferation of spam, the hosting of phishing websites – or both. To facilitate such an attack, a massive and well-connected botnet has been assembled, consisting of some 90,000 compromised computers and websites. These unwitting participants will have been programmed to attempt access to hundreds of thousands of WordPress installations across the globe (not only at Webnames.ca) through the administrator login and weak login passwords.
While Webnames is taking precautionary measures to limit the impact of the actual login attempts (referred to as brute-force attacks, which when especially voluminous form a distributed denial of service attack (DDoS)), any WordPress installation which utilizes an easily guessed password is now, more than ever, at serious risk of becoming compromised.
Protection from this risk is as simple as utilizing a complex password.
A complex password can come at the cost of some convenience; however the convenience factor pales in comparison to the cost of losing your entire website.
What constitutes a weak password is subjective, however if your current password favors convenience or simplicity, then it should be considered weak. Passwords containing sequential numbers, owner names, usernames, domain names, addresses etc. or one of 500 easily guessed passwords , are all easy fodder for a compromised computer (ala the aforementioned botnet) to systematically guess – it is simply a matter of time.
We strongly encourage all WordPress website owners to update their passwords – either directly or with the assistance of a trusted party. We have provided instructions on our website and are happy to assist customers with this update.
Please contact our Customer Support team at 1 866 221-7878 or firstname.lastname@example.org