Blog Archives

Massive Number Websites in Botnet

Read this article here

Massive Number Websites in Botnet

Massive Number of Hacked USA Websites Participate in WordPress Botnet Attack

website botnet thumbnail imageFor the past couple of days we’ve been watching a customers WordPress site being attacked by a botnet of websites trying to access site admin with user name “admin” and a variety of simple passwords.

Most of these attacks are coming from USA based web hosting services. One particular top level service provider, Provo Unified Layer, stands out above the rest as the most hacked network. Many 2nd tier providers use Provo Unified Layer infrastructure including Bluehost and Hostmonster. Of the hosts using Provo Unified Layer infrastructure, Bluehost is ahead of the pack in having hosted sites participating in the botnet.

Botnet Attacks WordPress Website

Read this article here

Botnet Attack on WordPress Website

What appeared to be a botnet attacked one of my sites ( this morning in a brute-force wp-login attempt from multiple IP addresses. This was the most coordinated attack against any of my sites I’ve experienced. Usually the hacker bots I see use up to 6 IP’s in these attacks – 146 IPs is serious stuff…

146 IP’s Used in Simultaneous Attack. The IP’s listed are the guilty parties to this brute-force login attack on the site. The main attack started at 05h09 GMT this morning (November 25, 2012) and continued until 05h15 GMT. A second but less intense attacked followed; starting from 05h16 GMT tailing off until ending at 05h43 GMT

Security Alert | Mijnics Hoax

Credit Card Security WarningWarning of phishing scam: Mijnics Hoax

In the ongoing war against online threats to financial security, this scam e-mail notification warns our readers of a recent threat. An e-mail received this morning masquerading as an offical notification from International Card Services (ICS) (Netherlands) claiming their server had been attacked by cyber-criminals

The mail requests all account holders to update their credit card information.

Do Not click on the links contained in this e-mail

Do not submit your details to this scamming site

The text contained in the mail received reads (in Dutch)

“Afgelopen donderdag is onze server MijnICS aangevallen door internetcriminelen. Wij zijn bezig met ons onderzoek dat onlangs is ingesteld en hopen binnenkort deze internetcriminelen te ontmaskeren.
Tijdelijk is het noodzakelijk dat alle klanten die gebruik maken van MijnICS nu momenteel op de onderstaande website inloggen en hun opnieuw verIfieren. Na het volledig invoeren is ons beveiligingsprocedure voltooid en verschijnt er een scherm waarop zichtbaar is dat uw MijnICS volledig is beveiligd is. U krijgt hier over ook een e/mail toegestuurd. Na dat u onze e-mail hebt ontvangen, kunt u weer inloggen op de officiele website van ICS.
Opgelet! Dit moet binnen 48 uur uur gedaan worden, anders verdenken wij dat er een internetcrimineel achter uw MijnICS zit.
Opgelet! Log pas weer in op de officiele website als u de beveiligde website succesvol hebt voltooid. Logt u toch eerst in op de officiele website, is er kans dat wij deze actie verdacht vinden en uw MijnICS tijdelijk op hold zetten.

Klik hier! Voor de beveiligde website!
(Het kan zijn dat sommige computers het moeilijk hebben met de capaciteit van de  en niet alles meer zichtbaar is)

Bewaar deze brief/e-mail bij uw andere brieven.

The english translation reads (translation by Google Translate)

“Last Thursday our server MijnICS was attacked by cybercriminals. We’re doing our research that has recently been installed and we hope to expose these cybercriminals.
Temporarily, it is imperative that all customers who use MijnICS now available on the website below and log them again verify. After fully implementing our security procedure is completed and a screen that is visible to your MijnICS completely secure. You will get about an e / mail. After you have received our email, you can log back in to the official website of ICS.
Attention! This must be done within 48 hours hours, otherwise we suspect that an Internet criminals behind your MijnICS it.
Attention! Only log in on the official website if you have successfully completed the secure website. Please log but only on the official website, chances are we suspicious of this action and your MijnICS temporarily hold up. Click here! For the secure website!
(It may be that some computers have difficulty with the capacity and not everything is visible) Attention!
Keep this letter / e-mail with your other letters.”


No security card company will ever notify account holders using this type of e-mail notification.
If you are uncertain about the security of your credit card or bank accounts – CONTACT YOUR BANK only. Never use any link contained in an e-mail to access your bank account or your card account.