Attackers are using AWS instances to launch attacks on WordPress sites

DMCA / Correction Notice
- Advertisement -

Cyber ​​security Researchers have found an increase in attacks against wordpress With over a quarter of websites originating from EC2 Cloud Computing Examples of Amazon Web Services (AWS,

- Advertisement -

wordpress security experts wordfence Share that out of 77,000 IP addresses that sent malicious login attempts to WordPress installations, about 5,000 came EC2 Instance,

Interestingly, WordFence’s QA engineer and threat analyst Ram Gall noted that most of the IP addresses used by the attackers began exhibiting malicious behavior only last week, after which they have been added to their blocklist.

Techradar needs you!

We’re looking at how our readers use a VPN with streaming sites like Netflix so we can improve our content and offer better advice. This survey will take you no more than 60 seconds, and we would greatly appreciate it if you shared your experiences with us.

>> Click here to start survey in new window <

- Advertisement -

“While AWS makes it easier for businesses to move to the cloud, attackers are also using the scale provided by cloud services, including AWS, in increasing numbers.” shares Bile.

hire ip

Gall shared a list of 40 IP addresses, each of which has made more than one million malicious login attempts since November 17, 2021. Amazingly, these IPs have been on WordFence’s blocklist for almost a year.

Gall believes that the persistence of these IPs is probably indicative of the fact that attackers paid for them. Relying on this notion, he stressed that the time has come for websites to ensure they have the right mitigation “because it’s never been easier to cheaply attack millions of sites at once.”

He points to breaches such as the recent GoDaddy attack, which gives attackers a multitude of compromised passwords which they then employ to try to login to even more sites and services. Thanks to the habit of reusing passwords, the credentials obtained from breaches enable attackers to break into more websites, sometimes in the first attempt.

In addition to adopting sensible password practices, Gall also recommends users to switch to two-factor authentication (2FA), which they say is an “incredibly effective” way of protecting websites, even if the attacker has access to your login credentials.

Protect your computer with the help of best endpoint protection tools And use these best security key To add another layer to protect your accounts

- Advertisement -

Stay on top - Get the daily news in your inbox

Recent Articles

Related Stories