Hackers gain root access to WordPress servers

By on April 14, 2011, 4:47 PM
Automattic, the folks behind WordPress, suffered another blow to its security this week after a hacker gained access to servers containing sensitive company and user data. In a blog post yesterday, President Matt Mullenweg described the breach as a "low-level (root) break-in" that would have given the attacker access to "potentially anything" on several of Automattic's servers.

After reviewing internal logs, the company believes its source code was exposed and copied. "While much of our code is open source, there are sensitive bits of our and our partners' code," Mullenweg explained. Based on its records, the company doesn't believe much if any other sensitive information was compromised.

Even if the hackers copied user passwords, they're all hashed and salted using phpass. In other words, you should be safe unless you use something incredibly lame like "qwerty". If you're concerned about the safety of your account, Mullenweg offers a few tips:

  • Use a strong password, meaning something random with numbers and punctuation.
  • Use different passwords for different sites.
  • If you have used the same password on different sites, switch it to something more secure.

Gawker Media's servers were breached last December and a hacker group published some 1.3 million user emails and passwords via BitTorrent. Some 200,000 weak passwords were decrypted very quickly, revealing that thousands of users were safeguarding their accounts with passwords such as "123456," "password," and "abc123".

In early March, WordPress was nailed by several large distributed denial of service (DDoS) attacks that originated from China. The first attack amounted to multiple Gigabits and tens of millions of packets per second bombarding their servers, which crippled all three of the company's data centers and resulted in connectivity issues for the service's 18 million hosted blogs.

User Comments: 6

Vicenarian said:

Why can't the people that control the internet implement something like this:

An uber-smart "switch" that detects DDoS attacks against websites via traffic/protocol analysis, and automatically cuts off the attackers simply by closing their connections.

How hard would that be? Honestly...


There are already sufficient hardware and software solutions. I don't think many companies will upgrade to the latest and greatest of technology though, due to the cost factors and stability and reliability, etc.

PinothyJ said:

Why DDoS Wordpress, what did they do to you?


Leeky said:

Why DDoS Wordpress, what did they do to you?


Like any market leader in their chosen area, they'll be targeted.

Either that or Sony must have been running a Wordpress blog somewhere....

Coodu said:

Really sad to see this - somebody's blog must have started a riot in China, perhaps one about time travel?

Per Hansson, TS Server Guru, said:

vicenarian; DDoS is not easy to control at the hardware layer.

What a DDoS is is just millions of hosts asking for a specific webpage at the same time.

To an untrained system admin it will just look like the "Slashdot Effect"

That is when a smaller site gets linked from a much larger site and succumbs due to the sudden increase in traffic from said site (been there, got the T-shirt and all).

And in fact a well-done DDoS attack will be impossible to filter; if the users (probably part of a botnet, or not, in the case of the software LOIC, willing participants) do a good job, their traffic will indeed be just like the normal HTTP traffic your servers serve daily...
