[Chugalug] d at mn scammers/hackers
cluon at geeklabs.com
Thu Oct 18 16:45:33 UTC 2012
On Wed, 17 Oct 2012, Stephen Haywood wrote:
> So they brute forced your admin password? It wasn't a joomla 0-day?
Well, not MY password, but the web dude for the non-profit I was hostings
Yeah, best I can tell it looks like a direct brute force.
I have another Joomla website ran by a clueful guy they were trying the
same thing. (He is IT at Unum during the day, and the site seems updated
and clueful, we relocated the /administrator directory anyway)
Maybe a 0 day helped, but it seems to be a rapid targeted brute force
at the /administrator logins.
Keith, what did you see?
More information about the Chugalug