Brute force attacks to pry login credentials from content management sites like blogs have been growing as more data robbers use a short-term gain for a bigger payoff later on.
Such sites are attractive targets because they tend to be less secure than other environments—such as financial services—and since they're interactive by design, "drive-by" malware planted on them can infect a lot of users quickly, said David Britton, vice president of industry solutions at 41st Parameter.
"With these types of interactive sites being compromised, we see more evidence of the developing attack trend that is focusing less on direct financial gain and more on gathering more detailed personal data, allowing fraudsters to build much more complex social engineering attacks that result in an eventual larger payoff," he said via email.
More and more attackers are realizing that websites built on CMS platforms, like WordPress, are ripe for password picking. "This marks a sea change in attackers targeting the low-hanging fruit of these blog systems," Matt Bing, a research analyst with Arbor Networks, said in an interview.
To read this article in full or to leave a comment, please click here
ConversionConversion EmoticonEmoticon