Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Your new post is loading...
Scoop.it!
Massive Qbot Botnet strikes 500,000 Machines Through WordPress. Attackers steal banking credentials and hire out compromised computers to others 
No comment yet.
Sign up to comment
Scoop.it!
According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to eradicate the intruders and infections:
- Log in to the administrative panel and remove any unfamiliar admin users (the first step after the attackers get in is to add a new user).
- Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time!)
- Update the secret keys inside WordPress, otherwise any rogue admin user can remain logged in.
===> Reinstall WordPress from scratch or revert to a known, safe backup. <===
Gust MEES's insight:
According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to eradicate the intruders and infections:
- Log in to the administrative panel and remove any unfamiliar admin users (the first step after the attackers get in is to add a new user).
- Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time!)
- Update the secret keys inside WordPress, otherwise any rogue admin user can remain logged in.
- Reinstall WordPress from scratch or revert to a known, safe backup. Check also: - http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing?tag=WordPress
Gust MEES's curator insight,
April 13, 2013 9:24 AM
According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to eradicate the intruders and infections:
- Log in to the administrative panel and remove any unfamiliar admin users (the first step after the attackers get in is to add a new user).
- Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time!)
- Update the secret keys inside WordPress, otherwise any rogue admin user can remain logged in.
- Reinstall WordPress from scratch or revert to a known, safe backup.
Check also:
- http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing?tag=WordPress
|
Scoop.it!
Legitimate sites forced to aid criminals' illicit botnet operations Hackers have hijacked more than 162,000 legitimate WordPress sites, connecting them to a criminal botnet and forcing them to mount distributed denial-of-service (DDoS) attacks, according to security firm Sucuri. Sucuri CTO Daniel Cid said the company uncovered the botnet when analysing an attack targeting one of its customers. Cid said Sucuri managed to trace the source of the attack to legitimate WordPress sites. "The most interesting part is that all the requests were coming from valid and legitimate WordPress sites. Yes, other WordPress sites were sending random requests at a very large scale and bringing the site down," read the blog.
Gust MEES's curator insight,
March 11, 2014 10:47 AM
Gust MEES's curator insight,
March 11, 2014 10:48 AM
|
Massive Qbot Botnet strikes 500,000 Machines Through WordPress. Attackers steal banking credentials and hire out compromised computers to others.