Huge attack on WordPress sites could spawn never-before-seen super botnet

cyber false flag anyone?

pin

This is important

Suggest Pin! And 5*.

Too many WordPress people hate our Beloved Government, and they must be dealt with.

Did the WordPress folks refuse to become part of the Google/FaceBook/cia/fbi/dhs/mi1-1o empire?

Did they refuse to allow open access to their customers' accounts and personal details?

I've been waiting for another FF going on almost 4 years since Oslammy Bounel felon criminal took office.

I guess we could agree/disagree that Sandy Hook was a false flag, but I'm waiting for the big one.

I'm waiting for the false flag that sends people into the streets rioting and demanding mass arrests. That'll be when shit starts to change

Wordpress is 100% free and open source for anybody to use and edit the codebase. It doesn't really have "customers". More like users and developers

What does it mean this , can anyone explain what could happen please ? sorry for being thick i not heard of wordpress

It probably won't mean too much for you if you don't run websites. This honestly isn't a huge deal IMO. Here's a snippet from the article:



So basically this system/network is targeting Wordpress websites and brute-forcing the admin passwords. Then once they are logged into admin they can fuck around with anything... so it's not good if people running a Wordpress website have a weak admin password.

And to clarify just for those who don't know, Wordpress is a blogging platform. You would buy a website server and then download Wordpress from here: [link to wordpress.org]

It's a free script that is managed by a team of developers. So webmasters can install Wordpress and then run a blog or website without coding everything from scratch. It is just a more advanced method of managing a website.

Last Edited by SteamrolledGobias on 04/13/2013 09:27 AM

Ah, ok, thanks for the info.

Wordpress = freedom, transparency, democracy, no profits, no exploitation, ordinary people working together for everyone's benefit...

Now why would anyone want to scupper all that?

Wordpress has lot's of people that put news sites and other stuff that the nwo cabal does not wan't us to know.

Come to think of ven i have 2 sites on wordpress dealing about organized stalking...

That's just another attack on the last remaining windows of freedom.

Freedom is terrorism.

ahh come on now, you all know that linix and what ever is out there that is not part of the big bro system is going to be used to beblaim for the need to clamped down on the internets.
just one big attack and there goes free OS and severs and anything not run by windoz,
they will make all linix and unix users who are not part
of the big system to be scape goats for the big internet wars
that
ya know is comeing.

i bet the state will bail out widoz and the chip makers, and then make laws that say you can only use one type of computer
to use the internets, small ones for familys and bigger computers for companys.

I believe this to be true. Past 2 days I've noticed DDOS attacks on several of my shared server hosts... at the same time. It is no coincidence. Something is up.

Thanks for the pin.

I too have noted attacks but strangely enough my free Wordpress blog is not one of them.

This is government up to no good, this is not a black hat op...

I was monitoring the activity in the last few days and yes - there is a noticable ammount of POST requests to /wp-login.php . The funny part is that most of them are identifying as windows machines lol :D . The best you can do is to rename wp-login.php to some random thing and restore the filename only when YOU need to log in so they see a "404 not found" instead.

Here are a few (slightly edited) lines from my server:


50.22.*.* - - [12/Apr/2013:07:00:23 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
50.31.*.* - - [12/Apr/2013:07:01:15 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
46.165.*.* - - [12/Apr/2013:07:03:16 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
66.55.*.* - - [12/Apr/2013:07:04:41 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
204.93.*.* - - [12/Apr/2013:07:07:58 +0000] "GET /wp-login.php HTTP/1.1" 200 2558 "-" "-" "-"
204.93.*.* - - [12/Apr/2013:07:08:11 +0000] "POST /wp-login.php HTTP/1.1" 200 3495 "-" "-" "-"
87.253.*.* - - [12/Apr/2013:07:09:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
72.29.*.* - - [12/Apr/2013:07:11:44 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
31.210.*.* - - [12/Apr/2013:07:11:45 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
65.254.*.* - - [12/Apr/2013:07:11:49 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
207.58.*.* - - [12/Apr/2013:07:13:48 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
204.93.*.* - - [12/Apr/2013:07:15:10 +0000] "GET /wp-login.php HTTP/1.1" 200 2558 "-" "-" "-"
204.93.*.* - - [12/Apr/2013:07:15:13 +0000] "POST /wp-login.php HTTP/1.1" 200 3495 "-" "-" "-"
---
184.168.*.* - - [12/Apr/2013:07:39:26 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
66.55.*.* - - [12/Apr/2013:07:40:06 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
65.60.*.* - - [12/Apr/2013:07:40:06 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
61.19.*.* - - [12/Apr/2013:07:40:07 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
209.73.*.* - - [12/Apr/2013:07:41:51 +0000] "GET /wp-login.php HTTP/1.1" 200 2558 "-" "-" "-"
209.73.*.* - - [12/Apr/2013:07:41:55 +0000] "POST /wp-login.php HTTP/1.1" 200 3495 "-" "-" "-"
72.167.*.* - - [12/Apr/2013:07:43:13 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
93.187.*.* - - [12/Apr/2013:07:43:49 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
185.15.*.* - - [12/Apr/2013:07:43:50 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
108.163.*.* - - [12/Apr/2013:07:44:55 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
210.210.*.* - - [12/Apr/2013:07:44:57 +0000] "POST /wp-login.php HTTP/1.1" 200 3671 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" "-"
209.73.*.* - - [12/Apr/2013:07:45:10 +0000] "GET /wp-login.php HTTP/1.1" 200 2558 "-" "-" "-"
209.73.*.* - - [12/Apr/2013:07:45:23 +0000] "POST /wp-login.php HTTP/1.1" 200 3495 "-" "-" "-"

and so on...

there should be a really big one when it comes time to leave office

I submit that he has no intention to ever leave. I further submit that there are a lot of powerful people who support him in that.

there will never be a #45

Thanks for sharing, Xorizov.

Hired Code_Nerds on full attack mode. How lovely. Grrr!

Last Edited by KrinZa on 04/13/2013 10:11 AM

It's not Anonymous, or if it is it's a very small group of them. Nothing in any of the IRCs.

One thing I have been noticing is that I will enter the name of a website or sometimes even click on one saved on my toolbar and it takes me to a blank page. Nothing Nada..

Firefox is really becoming an unsafe browser..and it doesn't like my version of Mac..I am in the process of moving by bookmarked sites to Safari..it feels safer.

Use Google Chrome, just don't do anything suspicious. Also carry two laptops, like me.



I should elaborate. Google Chrome is virtually bug free by pure virtue of the fact that it's monitors it's ass off as a trade off. Google makes it's money off of user data. It's made no secret of this. One of it's biggest buyers is Uncle Sam.

So use Google Chrome for your normal day to day stuff then look into one of the dark nets and look into something else for cruising your darker conspiracy sites + your videos of area 51.

You idiots post on GLP and think you're on the internet. You're in a gated ego-inflating community just like the richies. Anyway, put Wordfence on your sites, if you're not a complete moron.

Troll with Know How.

I know, right?

I've been getting spam from infected wordpress blogs, the russians are using them to mail off.

I've been noticing this, too. Lots of ban notices from fail2ban.

There is a simple plugin to prevent this. Only a fucking moran would allow their wordpress to be hacked this way!

[link to wordpress.org]