Huge cyber attack under way – 2.8 million IPs being used to target VPN devices
Posted by:
David Wilson
Millions of internet-connected devices are currently targeted in a hacking campaign, with threat actors conducting brute-force attacks against VPNs and other networking devices. The Shadowserver Foundation has identified approximately 2.8 million IP addresses involved in the attack, mostly located in Brazil, with targets including devices from Palo Alto Networks, Ivanti, SonicWall, and others. These threat actors are using compromised routers and devices to attempt unauthorized access through weak passwords. This type of attack relies on automated systems to try numerous username/password combinations until a successful login is achieved. The use of malware in these attacks allows for mass-scale automated attempts, with a focus on exploiting devices with poor password security. The majority of affected devices are part of botnets or residential proxy services, making them vulnerable to cybercriminals.
Recent Posts1
