Warning to WordPressers


This is a warning to my fellow WordPress users… over the past few days there have been some hackers taking over our sites via accounts setup for new users. The attacks seem to be centered in Europe, Germany primarily, by registering users with Gmail acounts. I have received three over the past three days which after a quick Google search on the email address netted several sites with the same warning.

So I will promote the advice by another savvy and alert WordPresser who caught one of the same addresses registering at his site. Don’t use the default admin user name ( I never did in the first place), and change your password just in case (that I just did).

I am joining in the network of those posting about this hack/attack in order to warn others. I am going to post the names and emails of the attack accounts I have been contacted by below. This is by no way complete as there do seem to be several others out there. Feel free to comment or contact me with any you may have encountered.

September 2

  • Username: jaimelipani
  • E-mail: jonatanwebsterbaum@gmail.com

Sepember 1

  • Username: MikeWink
  • E-mail: bugbeemershonyhe@gmail.com

August 31

  • Username: Andrianq
  • E-mail: pulvillarrac@gmail.com
VN:F [1.9.22_1171]
Rating: 5.0/5 (7 votes cast)
Warning to WordPressers, 5.0 out of 5 based on 7 ratings
This entry was posted in Featured, Uncategorized and tagged . Bookmark the permalink.

15 Responses to Warning to WordPressers

  1. jason says:

    Thanks for the post. I just recently started receiving these as well. I will make a post on my site to notify other users. Here are the Username/Email I have had so far:

    Username: rafaellabove
    E-mail: jonatanwebsterbaum@gmail.com

    Username: Andrianq
    E-mail: pulvillarrac@gmail.com

    Username: MikeWink
    E-mail: bugbeemershonyhe@gmail.com

    Username: Miriam
    E-mail: obierebelominepyb@gmail.com

    I will add your list to my own so others become aware.

  2. David says:

    Good catches… no need for us to hoard this info. It should be posted as many places as possible. My hope is that the WordPress developers can plug this security hole in the next update.

  3. Pingback: Spam Hack Attack | The Early Modern Intelligencer

  4. Pingback: A warning to anyone running a wordpress site | The ClownX Blog

  5. DebbieMahler says:

    Thank you for adding my blog link in your post and above all, thank you for spreading the word about this issue! If the spammers won’t stop, then the WP community needs to come together and share the information to block them.

    Great job! And again, a BIG THANK YOU!

    Debbie Mahler

  6. Pingback: Wordpress SpamHack Alert | Mark Savel's Toronto Real Estate Blog Mark Savels Toronto Real Estate Blog

  7. David says:

    Backing up your site is always good advice. I do it once a month as is, but I archived everything today just in case.

    With all of the plug-ins and widgets, you would think by now that someone would have coded something to make WordPress a bit more secure. If anything, this hack has shown many of us how vulnerable our sites are. If an attack like this ever was unleashed on a large scale to WordPress bloggers, someone could take down a good chunk of the internet…

  8. Pingback: Eckyman.com » A Word(press) of Warning!

  9. David says:

    For those who think they might have been hacked or are finding additional unauthorized admin accounts, there is a great view of what to look for over at http://www.greenwaysroad.com. If you see an extra admin, delete it ASAP, and if possible, restore your entire blog from a date prior to the first attacks appeared (August 29th or so) to ensure there isn’t any stray hacks on your site left by the hackers.

  10. Pingback: WordPress Security Exploits – This site was hacked | Eric Shefferman (DOT) Com

  11. Pingback: girl meets geek » Blog Archive » Comments are off for the time being-

  12. David says:

    Update for all… after a few days of silence, I’ve got a couple of more hacker accounts to share:

    Username: arnoldisby
    E-mail: naomyrotenford@gmail.com

    Username: UlricheDmond
    E-mail: ulrichedmondsuses@gmail.com

    Stay sharp kiddies – especially for those sites that get loads of new user registrants every day. I’ve seen several sites that have been attacked close off new users altogether and I can’t say I blame them.

Leave a Reply