From ResellerClub.com, Author: Anitka Wadhwa:
As I write this post, there is an on going and highly distributed, global attack on wordpress installations to crack open admin accounts and inject various malicious scripts.
We did a detailed analysis of the attack pattern and found out that most of the attack was originating from CMSs (mostly wordpress). Further analysis revealed that the admin accounts had been compromised (in one form or the other) and malicious scripts were uploaded into the directories.
Today, this attack is happening at a global level and wordpress instances across hosting providers are being targeted. Since the attack is highly distributed in nature (most of the IP's used are spoofed), it is making it difficult for us to block all malicious data.
To ensure that your customers' websites are secure and safeguarded from this attack, we recommend the following steps:
These additional steps can be taken to further secure wordpress websites:
Also, we recommend using Cloudflare, which is available free with all our cPanel accounts, to
prevent the attack from affecting the functionality of your site.
Friday, April 12, 2013