Attackers are using AWS instances to launch attacks on WordPress sites
Simply switching to 2FA should thwart malicious login attempts, experts suggest
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Cybersecurityresearchers have noticed an increase in attacks againstWordPresswebsites, with more than a quarter originating from EC2cloud computinginstances ofAmazonWeb Services (AWS).
Wordpress securityexpertsWordfenceshare that of 77,000 IP addresses that have sent out malicious login attempts on WordPress installations, about 5,000 have come fromEC2 instances.
Interestingly, Wordfence’s QA engineer and threat analyst Ram Gall notes most of the IP addresses used by the attackers only started exhibiting malicious behaviour last week, post which they’ve been added to their blocklist.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Click here to start the survey in a new window«
“While AWS makes it easy for businesses to move to the cloud, attackers are also utilizing the scale provided by cloud services, including AWS, in increasing numbers,”sharesGall.
Mercenary IPs
Gall shareed a list of 40 IP addresses that have each made over one million malicious login attempts since November 17, 2021. Surprisingly, these IPs have been on Wordfence’s blocklist for almost a year now.
Gall believes the persistence of these IPs is perhaps indicative of the fact that attackers have paid for them. Banking on this assumption he asserts that it’s high time that websites ensure they have the right mitigations in place “since it has never been easier to inexpensively attack millions of sites at once.”
He points to breaches such as the recentGoDaddy attack, which give attackers hordes of compromised passwords that they then employ to attempt to login to even more sites and services. Thanks to the habit of reusing passwords, credentials gleaned from breaches enables attackers to break into more websites, sometimes on the very first attempt.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In addition to adopting sensible password practices, Gall also recommends users to switch to two-factor authentication (2FA), which he says is an “incredibly effective” method of protecting websites even if the attacker has access to your login credentials.
Protect your computers with the help of thebest endpoint protection toolsanduse thesebest security keysto add another layer to safeguard your accounts
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
iStorage Group acquires Kanguru Solutions as it looks to expand security offering
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well
