Trusted Design

Ukrainian ISP Behind Over 1.65Mil Daily Brute-Force Attacks on WordPress Sites

概要

Over the past three weeks, the number of brute-force attacks against WordPress sites has almost doubled, according to WordPress security firm WordFence. The company says it recorded a sharp increase in the number of daily attacks and daily IPs involved in brute-force requests following November 24. Brute-force attacks are attempts to guess a websites admin (or any user's) credentials by launching repeated authentication requests at small intervals. These attacks usually come at short time intervals, and web firewalls can detect and block them. True brute-force attacks usually involve billions of authentication attempts, as the attacker goes through all the password variations. The incidents WordFence is reporting are most likely dictionary attacks, where an attacker uses a small list of potential passwords, such as "123456" and others.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Wordpress Brute Force Login Attacks: 10/04/15-10/12/15 (score: 0.68)
Probing for Wordpress installations & other web vulnerabilities (score: 0.67)
Wordpress Brute Force (score: 0.60)
Compromised WordPress sites redirect visitors to Nuclear EK (score: 0.59)
WordPress Compromise Campaign (score: 0.55)

このPulseに関連する脅威アクター (事実ベース)

Magic Hound

Score: 6.52

Matched TTPs:

T1099 - Timestomp
T1608.005 - Link Target
T1059.012 - Hypervisor CLI

MITREへのリンク →

HEXANE

Score: 5.27

Matched TTPs:

T1099 - Timestomp
T1097 - Pass the Ticket

MITREへのリンク →

APT29

Score: 8.92

Matched TTPs:

T1099 - Timestomp
T1608.005 - Link Target
T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

Gamaredon Group

Score: 4.76

Matched TTPs:

T1099 - Timestomp
T1608.005 - Link Target

MITREへのリンク →

TA2541

Score: 7.91

Matched TTPs:

T1099 - Timestomp
T1608.005 - Link Target
T1001 - Data Obfuscation

MITREへのリンク →

FIN13

Score: 7.28

Matched TTPs:

T1099 - Timestomp
T1686.001 - Cloud Firewall

MITREへのリンク →

HAFNIUM

Score: 11.56

Matched TTPs:

T1099 - Timestomp
T1608.005 - Link Target
T1055.008 - Ptrace System Calls
T1490 - Inhibit System Recovery

MITREへのリンク →

Turla

Score: 21.55

Matched TTPs:

T1099 - Timestomp
T1608.005 - Link Target
T1097 - Pass the Ticket
T1218.001 - Compiled HTML File
T1556.009 - Conditional Access Policies
T1059.012 - Hypervisor CLI
T1578.001 - Create Snapshot
T1490 - Inhibit System Recovery

MITREへのリンク →

Volt Typhoon

Score: 12.30

Matched TTPs:

T1099 - Timestomp
T1584.002 - DNS Server
T1665 - Hide Infrastructure
T1578.001 - Create Snapshot

MITREへのリンク →

Earth Lusca

Score: 7.40

Matched TTPs:

T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

Mustang Panda

Score: 7.64

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1055.005 - Thread Local Storage

MITREへのリンク →

ZIRCONIUM

Score: 4.60

Matched TTPs:

T1608.005 - Link Target
T1578.001 - Create Snapshot

MITREへのリンク →

MuddyWater

Score: 3.51

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

APT28

Score: 20.60

Matched TTPs:

T1608.005 - Link Target
T1097 - Pass the Ticket
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1146 - Clear Command History
T1055.008 - Ptrace System Calls
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN7

Score: 7.27

Matched TTPs:

T1608.005 - Link Target
T1578.001 - Create Snapshot
T1490 - Inhibit System Recovery

MITREへのリンク →

Lazarus Group

Score: 14.83

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1055.005 - Thread Local Storage
T1665 - Hide Infrastructure
T1578.001 - Create Snapshot

MITREへのリンク →

Confucius

Score: 6.34

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

Saint Bear

Score: 3.51

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

APT32

Score: 7.94

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1490 - Inhibit System Recovery

MITREへのリンク →

Kimsuky

Score: 10.66

Matched TTPs:

T1608.005 - Link Target
T1001 - Data Obfuscation
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery

MITREへのリンク →

APT38

Score: 13.36

Matched TTPs:

T1590 - Gather Victim Network Information
T1097 - Pass the Ticket
T1059.012 - Hypervisor CLI
T1059.005 - Visual Basic

MITREへのリンク →

Ember Bear

Score: 4.02

Matched TTPs:

T1097 - Pass the Ticket
T1218.010 - Regsvr32

MITREへのリンク →

APT41

Score: 8.15

Matched TTPs:

T1097 - Pass the Ticket
T1218.010 - Regsvr32
T1002 - Data Compressed

MITREへのリンク →

OilRig

Score: 7.64

Matched TTPs:

T1097 - Pass the Ticket
T1218.010 - Regsvr32
T1556.009 - Conditional Access Policies

MITREへのリンク →

Dragonfly

Score: 5.78

Matched TTPs:

T1097 - Pass the Ticket
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

CURIUM

Score: 7.98

Matched TTPs:

T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI
T1578.001 - Create Snapshot

MITREへのリンク →

Winter Vivern

Score: 5.39

Matched TTPs:

T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

Gorgon Group

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

Threat Group-3390

Score: 6.41

Matched TTPs:

T1001 - Data Obfuscation
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Patchwork

Score: 9.24

Matched TTPs:

T1001 - Data Obfuscation
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1665 - Hide Infrastructure

MITREへのリンク →

BlackByte

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

menuPass

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

Sidewinder

Score: 4.09

Matched TTPs:

T1218.010 - Regsvr32
T1578.001 - Create Snapshot

MITREへのリンク →

Andariel

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1218.010 - Regsvr32
T1578.001 - Create Snapshot

MITREへのリンク →

Axiom

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Higaisa

Score: 6.92

Matched TTPs:

T1218.010 - Regsvr32
T1665 - Hide Infrastructure
T1578.001 - Create Snapshot

MITREへのリンク →

Leviathan

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT37

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

UNC3886

Score: 4.09

Matched TTPs:

T1218.010 - Regsvr32
T1578.001 - Create Snapshot

MITREへのリンク →

BRONZE BUTLER

Score: 5.85

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1578.001 - Create Snapshot

MITREへのリンク →

Sea Turtle

Score: 4.16

Matched TTPs:

T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

Transparent Tribe

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Tropic Trooper

Score: 6.99

Matched TTPs:

T1218.010 - Regsvr32
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery

MITREへのリンク →

Elderwood

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Darkhotel

Score: 5.85

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1578.001 - Create Snapshot

MITREへのリンク →

Volatile Cedar

Score: 4.13

Matched TTPs:

T1002 - Data Compressed

MITREへのリンク →

SideCopy

Score: 4.13

Matched TTPs:

T1584.002 - DNS Server

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

Wizard Spider

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

PROMETHIUM

Score: 4.43

Matched TTPs:

T1059.012 - Hypervisor CLI
T1490 - Inhibit System Recovery

MITREへのリンク →

Scattered Spider

Score: 4.54

Matched TTPs:

T1027.002 - Software Packing

MITREへのリンク →

Chimera

Score: 5.43

Matched TTPs:

T1665 - Hide Infrastructure
T1578.001 - Create Snapshot

MITREへのリンク →

Velvet Ant

Score: 6.80

Matched TTPs:

T1490 - Inhibit System Recovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Turla

Score: 0.82

Matched TTPs:

T1097 - Pass the Ticket
T1099 - Timestomp
T1608.005 - Link Target
T1578.001 - Create Snapshot
T1059.012 - Hypervisor CLI
T1556.009 - Conditional Access Policies
T1490 - Inhibit System Recovery
T1218.001 - Compiled HTML File

MITREへのリンク →

APT28

Score: 0.80

Matched TTPs:

T1097 - Pass the Ticket
T1146 - Clear Command History
T1608.005 - Link Target
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1566.003 - Spearphishing via Service
T1055.008 - Ptrace System Calls

MITREへのリンク →

Lazarus Group

Score: 0.56

Matched TTPs:

T1608.005 - Link Target
T1578.001 - Create Snapshot
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1055.005 - Thread Local Storage
T1665 - Hide Infrastructure

MITREへのリンク →

APT38

Score: 0.55

Matched TTPs:

T1059.005 - Visual Basic
T1097 - Pass the Ticket
T1590 - Gather Victim Network Information
T1059.012 - Hypervisor CLI

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る