Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / New
Stats: 3,194,062 members, 7,953,215 topics. Date: Thursday, 19 September 2024 at 12:34 PM

Someone Is Trying To Hack My Blog, What Do I Do? - Webmasters (3) - Nairaland

Nairaland Forum / Science/Technology / Webmasters / Someone Is Trying To Hack My Blog, What Do I Do? (11925 Views)

I Have 300K To Invest With On My Blog, What And What Should I Get? / Mobile 'yes' Is Not Working In My Blog. What Should I Do / Facebook Is Trying To Kill Facekobo.com - A Nigerian Website (2) (3) (4)

(1) (2) (3) (Reply) (Go Down)

Re: Someone Is Trying To Hack My Blog, What Do I Do? by ib22003(m): 5:24am On Dec 24, 2015
As a Security Professional, i will say dont be scared yet. he/she is just trying to reset your password, but it seems the hacker has not gotten access to your email. Your Email is you last point of defence for most hacks so make sure the password is secure and the password is different from any other website you use. Wordpress has some know backdoors,but it is mostly with the themes not wordpress it self..
WAECFlyer5:
The problem here is that the person knows my recovery email!!!

And also, knows some details about my website.

lalasticlala, please b4 yu sleep, 2mao might be late
Re: Someone Is Trying To Hack My Blog, What Do I Do? by ib22003(m): 5:31am On Dec 24, 2015
This is the reason i mentioned secure password earlier. Let me give an example of a secure password. ToyotaCamry@$5000. You can also check your password complexity at http://www.passwordmeter.com/
snowland:
Like some people already suggested, install Wordfence and your blog will be secured.

Just got a mail from wordfence about some Aethera Botnet that is attcking wordpress blogs/websites by guessing your password. Read the full detail below:

[size=18pt]Aethera Botnet Attacks WordPress Sites
[/size]
Exec summary: There is currently a botnet that has been identified that is targeting WordPress websites with a password guessing attack. If you have Wordfence installed with our default settings, you are already protected against this attack. The botnet is powered by modem/router devices. ISP’s are gradually patching the devices but many are left vulnerable or infected as some ISP’s respond slowly to this issue.

Full article:

In February of this year a security researcher at Voidsec noticed brute force attacks on his personal WordPress site and he noticed a pattern in the IP addresses attacking his site. They were mostly Italian internet service providers. They were:

Fastweb
Albacom, now BT-Italia
Clouditalia
Qcom
WIND
BSI Assurance UK

What he discovered is that the IP’s attacking his site were all devices. They were all Aethera modem/routers to be exact. By doing some further sleuthing he discovered that all the Aethera devices involved in the attack were using default login credentials (blank/blank).

The modems had obviously been hacked and the attacker had gained access through the default login. They had then installed malware on the modems that launched a brute force password guessing attack on WordPress sites.

The Aethera devices in question suffer from various XSS vulnerabilities, a CSRF vulnerability and a HTML5 cross-origin resource sharing issue.

The researcher then used Shodan, a search engine for devices on the Net, to find out how many vulnerable Aethera devices are on the Net and found around 8,000 vulnerable devices. They likely used a search on Shodan similar to this one.

They estimate that the amount of bandwidth the combined vulnerable devices have access to is between 1.7 and 17 Gigabits per second. This could be used for a massive distributed denial of service attack.

Voidsec tried to contact all ISP’s without much luck. Fastweb was responsive after a time and they have fully patched all affected routers. BT-Italia has been unresponsive and remains vulnerable.

While this research was happening, Krebs published a post about Lizard Squad, a hacking group, and a new DDoS tool that they were trying out to knock websites (and anyone else) offline. It seems that Lizard Squad may have been using the Aethera vulnerability to power their DDoS botnet.

The timeline was as follows:

Feb 13: Voidsec discovers the botnet. They contacted BT-Italy at this time.
Feb 25: Tries again to contact BT Italy using various methods with no luck.
December 11: FastWeb is told about the vulnerability and they agree on a disclosure schedule.
December 22: Disclosure and FastWeb’s routers are fixed.

Here’s the full post on voidsec.com. Voidsec is an Italian company so the post is also available in Italian.

We will continue to monitor activity from this botnet at Wordfence and will share any interesting data we uncover.

There are still many unpatched Aethera router/modems out there and they are still being used to launch attacks. Hopefully with the press coverage around this issue, the unresponsive ISPs involved will patch their customer devices and stop the attacks they’re launching on WordPress websites and other targets.

https://www.wordfence.com/blog/2015/12/aethera-botnet-attacks-wordpress-sites/
Re: Someone Is Trying To Hack My Blog, What Do I Do? by ITbomb(m): 7:02am On Dec 24, 2015
Afrieyes:

Who told you?

Last week I had to quickly change my password after I got a notification that I logged in anoda place
May you were just using a tweak ip that has servers in another country. That's no cause for alarm
Re: Someone Is Trying To Hack My Blog, What Do I Do? by Tolupage(m): 7:41am On Dec 24, 2015
OP let me call Chloe O'Brien. she'll help you with it
Re: Someone Is Trying To Hack My Blog, What Do I Do? by princejayboss: 8:02am On Dec 24, 2015
Inbox me .... I can kill whatever electronic gadget the hacker uses ... I can give you his location and if possible the place he is .... Thus your blog will be yours....
Re: Someone Is Trying To Hack My Blog, What Do I Do? by Austin234(m): 8:36am On Dec 24, 2015
How do i open a new blog?

publicenemy:
Open a new Blog and leave the old one for the hacker.









Isn't opening a new Blog as easy as opening a yahoo mail account?
Re: Someone Is Trying To Hack My Blog, What Do I Do? by scachy(m): 10:11am On Dec 24, 2015
publicenemy:
Open a new Blog and leave the old one for the hacker.









Isn't opening a new Blog as easy as opening a yahoo mail account?

grin grin
Re: Someone Is Trying To Hack My Blog, What Do I Do? by Nobody: 11:08am On Dec 24, 2015
you should try that anti hacking kit....
Re: Someone Is Trying To Hack My Blog, What Do I Do? by tosyne2much(m): 12:14pm On Dec 24, 2015
mentorandfriend:
Ignoramus undecided
hahaha cheesy


Bros u sef dey bash ni? cheesy
Re: Someone Is Trying To Hack My Blog, What Do I Do? by tosyne2much(m): 12:15pm On Dec 24, 2015
kingsilly:
I'll strongly advice, open another blog and leave dat one for the hacker... grin
lwkmd cheesy
Re: Someone Is Trying To Hack My Blog, What Do I Do? by mentorandfriend(m): 12:16pm On Dec 24, 2015
tosyne2much:
hahaha cheesy


Bros u sef dey bash ni? cheesy
Hahaha. When the need arises. cheesy
Re: Someone Is Trying To Hack My Blog, What Do I Do? by tosyne2much(m): 12:26pm On Dec 24, 2015
mentorandfriend:
Hahaha. When the need arises. cheesy
E make sense jawe bro cool

1 Like

Re: Someone Is Trying To Hack My Blog, What Do I Do? by tosyne2much(m): 12:54pm On Dec 24, 2015
mentorandfriend:
Hahaha. When the need arises. cheesy
Bro, u got my mail?
Re: Someone Is Trying To Hack My Blog, What Do I Do? by mentorandfriend(m): 2:25pm On Dec 24, 2015
tosyne2much:
Bro, u got my mail?
Yes. Merry Christmas to you dear.

1 Like

Re: Someone Is Trying To Hack My Blog, What Do I Do? by wax123(m): 3:59pm On Dec 24, 2015
Bro...change ur password to a stronger one n cant b easily guesss evn by robot... Aphanumeric n special xters eg....123lamb#$@&fada
Re: Someone Is Trying To Hack My Blog, What Do I Do? by olubenjazzy(m): 6:27pm On Dec 24, 2015
NigeriaReports:
[size=15pt]Call 08060245843 For Full Anti-Hacking Online Kit[/size]

Others are dropping their own idea and help openly. But he shud call u. So as for u to tell him to pay first b4 you tell him what to do.
I just thought so sha. because if u wanna really help. Ur fone no. Won't be here.

Some Naija knowledgeable people can be vexin me sometimes.

The topic was even brought to the front page for you to know that it's obvious the dons on NairaLand want others to benefit from comments. CHANGE Nigerians (not apc change o)

(1) (2) (3) (Reply)

The Proliferation Of Blogs - Good Or Bad? / Web Design Trends That Will Be Common In 2014 / 9 Questions To Ask Your Web Designer After Handing Over Your Website

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 29
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.