We were notified early this morning by our server that they have noticed an attempt at attacking Word Press sites on their system.
"Last Wednesday, we began noticing unusually high incoming traffic across our servers. We determined that this traffic was caused by an automated program that was attempting to break in to our customers' WordPress sites. This also had the effect of slowing down our Linux servers due to all of the extra traffic.
This attack is not limited to our network, but targets Wordpress users worldwide, across many hosting companies.
We began blocking all attempted connections to the wp-login.php file. This block stopped the malicious connections from breaking in, but unfortunately, it also stopped legitimate users from logging in as well. This was a temporary, but necessary solution as we continued to work on a remedy for this situation.
We have now rolled out a new fix which blocks the malicious connections, but allows users to access their wp-login file. This means that if you have a WordPress site, you should now be able to login and make changes. However, once you log in, we recommend that you change your password to something very strong (e.g. a mixture of upper and lowercase letters, numbers, and special characters like #, $, and &). You can find instructions on how to change your password here:
So, if you have a Wordpress site PLEASE drop everything and change your password NOW. If Ariel Marketing Group, llc hosts your site I can change it for you so let me know if you have an issue.
If you don't have your site hosted through AMG we can walk you through it as well, so email us and we'll help.