Blogger And WordPress Accounts Hacked In Sextortion Scam

It has recently come to light that scammers have hacked into WordPress and Blogger sites and composed blog posts with sextortion threats, warning users that they were recorded while accessing adult websites. Hackers are then demanding cash payments in Bitcoin as part of the scam. It is thought that attackers are accessing user’s sites through credential from previously leaked data breaches.

Full story can be found here: https://www.bleepingcomputer.com/news/security/blogger-and-wordpress-sites-hacked-to-show-sextortion-scams/

 

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Hugo van Den Toorn
Hugo van Den Toorn , Manager, Offensive Security
InfoSec Expert
October 30, 2019 12:56 pm

Sextortion, as indicated again with this kind of hacks, is often a strong enticement to sway users into paying the extortion fee. The overall advise would be the never reuse password, and make sure that any unique password you use for every website/service is sufficiently long and complex: Upper-, lower-case, special characters and numbers at least 8 characters long (but preferably longer). This can easily be solved by using a password manager that will generate and remember complex passwords for you. Where possible use a second authentication factor such as a hardware authentication token or a soft-token. This advice is general for all Internet users, but especially if you are a blogger/website owner you want to make sure your site is adequately protected. If they cannot get into your website that easily, chances of this happening to you are way smaller.

Last edited 3 years ago by Hugo van Den Toorn
1
0
Would love your thoughts, please comment.x
()
x