WPTavern: Hacked Home Routers are Launching Brute Force Attacks on WordPress Sites

WPTavern: Hacked Home Routers are Launching Brute Force Attacks on WordPress Sites

In WordPress security news, WPTavern report that Hacked Home Routers are launching Brute Force attacks on WordPress sites.

The research was carried out by the team that produces the WordFence plugin. WordFence captures a global view with information from sites that installed their plugin. The global view showed a many attempts at logins were coming from Algeria. Later investigations by WordFence discovered the routers used by the Algerian telco are. The routers had been susceptible to the Misfortune Cookie attack, which Checkpoint discovered in 2014. These compromised routers were then trickle feeding attacks against WordPress hosts, at a rate which would normally be below the radar of any individual host tracking by IP address.

WordFence have a blog entry on the Thousands of Hacked Home Routers attacking WordPress sites, covering a little more on their analysis and a tool to check if your own home router is vulnerable.

 

 

John Dixon

John Dixon is the Principal Consultant of thirteen-ten nanometre networks Ltd, based in Wiltshire, United Kingdom. He has a wide range of experience, (including, but not limited to) operating, designing and optimizing systems and networks for customers from global to domestic in scale. He has worked with many international brands to implement both data centres and wide-area networks across a range of industries. He is currently supporting a major SD-WAN vendor on the implementation of an environment supporting a major global fast-food chain.

Comments are closed.