A couple of days ago I reported that thousands of WordPress websites were compromised and altered to host an article entitled “I’m getting paid.” As it turns out, my hunch was somewhat correct: weak passwords were the main cause of the incident, not a hacked WordPress server.
Automattic representatives have told Naked Security that WordPress servers have not been compromised. The large number of hijacked websites is a result of poor password security practices.
That also explains why WordPress has started sending password reset notifications to the affected website owners.
Unfortunately, the number of victims has increased to 60,000, which means that the websites’ administrators aren’t doing a very good job of securing their accounts.
Hopefully, they will manage to clean up their blogs in the coming days and set stronger passwords so that their visitors are no longer presented with those shady “I’m getting paid” ads.