The Wordfence Threat Intelligence team said hackers are attempting a malicious login attempt against the WordPress website. Since November 17, 2021, the number of attacks targeting login pages has doubled.

The researchers’ team has seen a global increase in attacks against WordPress sites during the past week, and more than a quarter of all of the malicious login attempts the team tracking is now originating from AWS EC2 instances, as shown in the chart below:

More than 77,000 IP addresses in this IP space have sent out malicious login attempts since November 17, 2021, but the vast majority of attacks are originating from roughly 5,000 EC2 instances.

Buy Me A Coffee

The following 40 IP addresses, however, have been on the Wordfence blocklist since the end of 2020 and have each sent out over 1 Million malicious login attempts since November 17, 2021:

While AWS makes it easy for businesses to move to the cloud, attackers are also utilizing the scale provided by cloud services, including AWS, in increasing numbers.

Over 90,000 LG Smart TVs Vulnerable to Remote Attacks, Warn Security Researchers