The attackers are using brute-force tactics to break into user accounts for WordPress and Joomla sites. The top five user names being targeted are “admin,” “test,” “administrator,” “Admin,” and “root.” In a brute-force attack, the perpetrators systematically try out all possible combinations until they successfully log in to the account. Simple passwords such as number sequences and dictionary words are easier to guess, and a botnet automates the entire process. The top five passwords being attempted in this attack happen to be “admin,” “123456,” “111111,” “666666,” and “12345678.”
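Because a botnet spreads its guesses across many machines, counting failures per source address can miss the attack, while counting distinct sources per targeted user name exposes it. The following is an added example, not code from the article: the log format, the sample events, and the names `parse` and `distributed_guessing` are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# User names the article lists as the top five targets.
TARGETED_USERS = {"admin", "test", "administrator", "Admin", "root"}

# Constructed sample: failed-login events as "ISO-timestamp source-IP username".
# The format is an assumption; adapt parse() to your own login-failure log.
SAMPLE_LOG = """\
2024-01-01T10:00:01 203.0.113.10 admin
2024-01-01T10:00:03 203.0.113.11 admin
2024-01-01T10:00:04 198.51.100.7 admin
2024-01-01T10:00:09 198.51.100.8 admin
2024-01-01T10:00:15 192.0.2.44 root
2024-01-01T10:00:20 203.0.113.10 root
2024-01-01T10:03:00 192.0.2.99 alice
2024-01-01T10:03:30 192.0.2.99 alice
2024-01-01T11:30:00 192.0.2.50 admin
"""

def parse(log):
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, ip, user = parts
        yield datetime.fromisoformat(ts), ip, user

def distributed_guessing(log, window=timedelta(minutes=5), min_sources=3):
    """Return {username: peak count of distinct source IPs failing within one
    window} for targeted user names whose peak reaches min_sources."""
    events = defaultdict(list)
    for ts, ip, user in parse(log):
        if user in TARGETED_USERS:
            events[user].append((ts, ip))
    alerts = {}
    for user, evs in events.items():
        evs.sort()
        start, best = 0, 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            best = max(best, len({ip for _, ip in evs[start:end + 1]}))
        if best >= min_sources:
            alerts[user] = best
    return alerts

if __name__ == "__main__":
    print(distributed_guessing(SAMPLE_LOG))
```

The window and threshold are tuning parameters; a flagged user name is a candidate for lockout, renaming, or an additional login factor.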
Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.