The cybersecurity experts at Wordfence have been tracking cybersecurity attacks, particularly malicious login attempts against WordPress sites. They have created a blacklist of IP addresses that they believe are at the root of the security breaches.
The 40 IP addresses, however, have been on the Wordfence blocklist since the end of 2020 and have each sent out over 1 Million malicious login attempts since November 17, 2021:
35.183.60.188
54.176.188.51
52.60.189.115
52.52.190.187
52.65.15.196
18.231.94.162
34.209.105.222
34.215.69.55
18.221.206.247
52.64.20.252
13.124.222.242
35.181.87.238
18.229.73.207
13.233.73.212
13.209.28.104
52.42.79.222
13.232.96.15
52.15.212.3
13.58.56.77
18.136.72.135
52.30.16.188
35.178.16.1
18.194.196.202
13.48.53.51
13.53.64.97
34.241.77.13
54.250.87.247
3.8.68.2
18.197.125.181
34.251.241.226
18.184.155.204
35.180.147.121
52.192.73.251
3.8.12.221
35.181.112.20
3.0.115.255
13.228.104.57
13.53.208.18
54.178.182.46
13.211.126.30
AWS, or Amazon Web Services, makes it simple to access its cloud services, hackers are taking advantage of this vulnerability, causing a steep increase in these breaches. The best way to prevent such threats is by using Wordfence premium services, which they state will automatically block the malicious attempts by any of the IPs listed above. Also, using two-factor authentification helps against fraudulent log-in attempts and keeps your WordPress site safe. Currently, about 40% of the websites on the web are powered by WordPress.