More threads by djbaxter

djbaxter

Administrator
Joined
Jun 28, 2012
Messages
3,778
Solutions
2
Reaction score
1,877
If you haven't done a security audit on your WordPress sites recently, do it now!

Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC
by Mark Maunder, Wordfence
December 18, 2017

A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign we have seen to date, peaking at over 14 million attacks per hour.

The attack campaign was so severe that we had to scale up our logging infrastructure to cope with the volume when it kicked off, which makes it clear that this is the highest volume attack that we have seen in Wordfence history, since 2012.

The campaign continues to ramp up in volume during the past hour as we publish this post. A graph of the attack volumes is shown below which shows the number of attacks per hour and the number of attacking IPs that we see each hour.

massive-brute-force-attack-Dec18.jpg

Our infrastructure automatically blacklisted the participating IPs in real-time and distributed those to our Premium customers. This all happened unattended early this morning. We continue to monitor the campaign and are analyzing its origin and who is behind it.

What we know at this time:
  • The attack has so far peaked at 14.1 million attacks per hour.
  • The total number of IPs involved at this time is over 10,000.
  • We are seeing up to 190,000 WordPress sites targeted per hour.
  • This is the most aggressive campaign we have ever seen by hourly attack volume.

Read more

massive-brute-force-attack-Dec18.jpg
 

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

LocalU Event

Trending: Most Viewed

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...
Top Bottom