Important: Malicious website password reset requests on the rise from Russia

With all the interest in Russian hackers and a certain presidential campaign you’d be forgiven for thinking that only high-profile websites and individuals are targets for hackers. Not so.

Over the past week we’ve seen a 1900% (yes one thousand nine hundred) percent increase in the number of malicious login attempts to websites hosted on our servers. And we’re not alone. Across the internet Drupal based websites are seeing a worrying increase in suspicious password reset requests and malicious login attempts.

These login attempts, by hackers attempting to gain access to websites, are designed to give hackers a platform for attacking other websites, sending spam emails, altering the website content to link to malware, spyware and even “fake news” (we’re talking actual fake news here, not the New York Times and CNN).

While we make it as difficult as possible for hackers to compromise our hosting servers, with strong firewall protection, 24/7/365 monitoring, and other protective measures that we won’t go into for security reasons, the most common cause of a defaced or compromised website is not installing the latest software updates for your website.

Updates are released frequently for Drupal, WordPress, Joomla and other software and unless you have a support agreement with us it is your responsibility to install updates. If you’re not sure if you have a support agreement we advise you to get in touch with us to check!

In closing, if you use WordPress, Drupal, or Joomla, make sure you’ve installed the latest updates, and change your password to something secure that you only use on your website.