When I woke up this morning I checked my email and came across thirteen Wordfence Alerts from a clients website. There was a coordinated attempt occurring to brute force a login into the WordPress admin. Luckily the admin username is not common or guessable. It started at 12:22 am and it is still going on as of this posting. The great thing about Wordfence is that it is good at preventing this kind of attack. As soon as someone uses an invalid user name they are locked out for 5 minutes.
Examples of Usernames the hackers are using
- badmin
- magico
- indoxploit
- test
- admin (Never Use, They tried 10 times)
- admina
- Admin
- schatzi
- 0x1999
- wpupdateuser
- editor
By trying admin, Admin and test they are trying for commonly used users and passwords. Make sure your site is protected with a plugin such as Wordfence. If you need help you can contact me at john@panolatech.com.