Well, my inbox has been taking a beating as once again there are a new round of hackers trying to create Admin accounts. This happened to me and other WordPressers almost exactly one year ago. I posted about it last September, after a few weeks of new users popping up at a time when my page views were at their lowest. I made a list and it seemed to be helpful for others, so I will post a new list and add to them as they come into my website.
There appear to be a few Russian email addresses, not unusual in the world if hacking. I’ve also recently noticed a large influx of referrals from Russian casino website which may have something to with this latest set of attacks. What is the new surprise is that another WordPress-based site I visit regularly, Nikonrumors.com, is also referring these attacks. As before, you need to be concerned with these subscriber accounts as they are designed to be a proverbial foot in the door for hackers to convert them into administrator accounts. Of course, some of it is simply forum/blog registration spam. Either way you don’t want them on your site. You can read about many others who have caught these attacks in time, and some after it was too late, by searching for “WordPress hackers.” One way to help filter out these scumbags is to Google any suspicious email addresses. Some are so fishy that they don’t need to be looked up at all. So far we have these uninvited guests:
CandiceGeorge25 christinatorres@mail15.com
GeranXT jaka00001@gmail.com
picturefragc asdsadasdsdsda@aol.com
AgadetinoMara fsfdgdgsdfg@mail.ru
cymnuning 19@pimpmystic.com
rosetta stone french rosettacheap111@aim.com ***
Gaptaptineeve vtoroyka@mail.ru
Linspeege s.t.anislavdelektorskiy7@gmail.com
TeptToogE nikolson4music@mail.ru
vystinata vystavy@mail.ru
radiopodarok garner.antonia@gmail.com
Fewheceinheri p.r.ahshaz.y@googlemail.com
Serjxlpt valosloview@mail.ru
mannohere manno1here@yandex.ru
KNODYONENTEEDA terrakot@gaymike18.com
tooldforyouxxza limoguy452@gmail.com
ininyMoobeMal burtvirra@gmail.com
DamPlaymn gregoryantmon@gmail.com
acrorruby mervin.manes@gmail.com
NigCapaninO weihualpshinnemanb0n@hotmail.com
The last one arrived as I was typing this post.
We now return to our regularly scheduled program…
[ *** My personal favorite. This one called out its spam-laden intent and required no investigating whatsoever!]
Following the publication of this article, I have garnered 217 new users, which exceeds the number of visitors I received today.
Fed up, I’ve done some research and installed SABRE
http://wordpress.org/extend/plugins/sabre/
It should help prevent some, if not all of the registration spammers. In turn, registration now requires validation. I’m giving it a whirl and will report if it works or not.