WordPress hacker generating password reset request for admin user

We cannot know the exact motivations, but here are some possibilities:

  • The attacker is just running an automated script, and initiating password resets is just one of the many things in the Swiss Army knife
  • The attacker is testing responses to see if the admin is watching before doing noisier attacks
  • The attacker is just being annoying
  • The attacker thinks there may be a vulnerability he can exploit in the reset workflow; perhaps he thinks he can intercept the reset email from the server through MitM
  • The attacker thinks he can predict the reset token
  • The attacker will combine legitimate resets with a phishing attack to try to trick the admin into giving the password up to his fake reset page