Attacks against WordPress sites began last week, when some Web hosts and security experts reported brute-force attacks against administrative credentials using a combination of “admin” as a user name, and a list of common passwords. Compromised sites built on WordPress would notice slower back-end operations, log-in difficulties, or downtime.

Source: Hackers Using Brute-Force Attacks to Harvest WordPress Sites | threatpost