In this Blog Post:
As i was browsing the internet looking for some materials which i need for my latest project, i chanced upon the CD-R King website. For those who have no idea, CD-R King provides affordable gadgets and virtually anything that involves electronics. This is like the shop for generic items and your go to store if you cannot afford branded gadgets.
CD-R King Website Hacked
After thinking on where i could get cheap gadgets, i suddenly remembered CD-R King and after entering their URL to my browser, to my surprise instead of a website, i only saw an animated page saying that “Your Site Was Hacked…”
Several minutes thereafter CDRKing took down the page and replaced it with a temporary closed for maintenance page.
The hacking of the CD-R King website is of course not the first of it’s kind, what is troubling however is that this month alone Online Security Companies were able to detect an increased activity related to bruteforce attack on WordPress-based sites. This BruteForce attack looks similar to a previous attack campaign that used the common WordPress Username “admin” and the password decoder will run through the most common passwords to break the system.
One Hour Or So After
The website was restored after an hour or so.
Try to Avoid These Attacks
For WordPress users the following are recommended in order to protect your website from Bruteforce Attacks:
1. Do not use a the common username “Admin”, use something you can remember but not easily guessed by others.
2. Use strong passwords, which must be more than eight characters in length and uses alphanumeric as well as special characters to make sure that your passwords are not easily guessed.
3. Use or follow the Hardening WordPress Guidelines
As we have said these kinds of attacks is not the first time and this will obviously happen again all we can do is to make sure that our sites are protected or at least have a hardened security features making it difficult to break into the system.