The Wordfence Threat Intelligence team has been tracking a huge increase in malicious login attempts against WordPress sites in our network. Since November 17, 2021, the number of attacks targeting login pages has doubled.
WordFence have seen a global increase in attacks against WordPress sites during the past week, and more than a quarter of all of the malicious login attempts we’re tracking are now originating from Amazon Web Services (AWS) EC2 instances.
While AWS makes it easy for businesses to move to the cloud, attackers are also utilizing the scale provided by cloud services, including AWS, in increasing numbers.
Many site owners still reuse the same password in multiple locations, and data breaches, such as the recent GoDaddy breach, are frequently a source of compromised passwords. These compromised passwords are used by attackers to attempt to login to even more sites and services. Using this technique, attackers may guess your login correctly on the first try.
We also recommend that everyone use 2-factor authentication wherever possible, as it is an incredibly effective way of protecting your site even if an attacker has your password. The free version of Wordfence includes 2-factor authentication as a feature.