Dark
Light

WordPress sites exposed to an attack using visitor browsers for botnet

1 min read
175 views


TLDR:

  • A password-cracking botnet has taken over WordPress sites to launch attacks using visitors’ browsers.
  • Researcher Denis Sinegubko noted 41,800 password attempts per site with this method.

The article discusses how a password-cracking botnet has shifted from crypto wallet drainers to attempting brute-force attacks on WordPress sites. The attackers use visitors’ browsers to launch massive password-cracking attempts, with one compromised site estimated to be trying over 41,800 passwords. Recommendations for end users include securing passwords and using tools like NoScript to prevent such exploits. For WordPress admins, it is advised to ensure strong passwords and firewall the admin page and “xmlrpc.php” file to protect their sites.


Previous Story

Hamilton hit by ransomware attack on Feb 25, city confirms

Next Story

Stay informed with the latest in cybersecurity news and updates

Latest from News