Is your username still ‘ADMIN’? Hack Attack Warning!

Icon for Security Services provided by SMH Technology Solutions

How many times you’ve been told; “Don’t leave the user name as the default“, or “change your password“? Well if you have not followed that sage advice prepare for a Hack Attack!

First up I got an email from my website security tool, part of which is below:

A user with IP address 116.8.123.160 has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 10. The last username they tried to sign in with was: ‘admin’
User IP: 116.8.123.160
User hostname: 116.8.123.160
User location: Nanning, China

I’ve only just started using this particular tool so it was good to see it working, the follow up had a bit more detail about the hack attempt, again an extract is below:

Blocked IP address report

So as you can see, someone has tried to login to my website with the username ‘admin’, and I guess a selection of passwords, or pa55w0rds, or PassWords (you get the idea I’m sure), until my system blocked them out. If I didn’t have this system they may have happily carried on until they cracked it, which as many hackers use user/password combinations available from leaks such as the Sony or Adobe hacks, then it’s another example of why you should not re-use passwords either!