Links

Categories

Tags


« | Main | »

Top Log-in Spammers for August 2014

By Jewe | August 7, 2014

This blog continues to be spammed with automated log-in attempts from bots. Luckily 99% of the bots are so unsophisticated, they just try to log in as “admin” with a random password.

If you’re a WordPress user yourself, I urge you to delete the default admin user and create a new one under a different name. My blog uses 128-bit hash keys as user names, the names shown in blog posts are just aliases. And aliases aren’t recognized as log-in names. If you want to make your WordPress blog safer, I recommend you do the same.

As you also may notice from the list below, most hacking attempts originate from the same IP address range: 146.0.7x.xx – an IP address range that is notorious for sending email spam and automated blog hacking attempts.

The range is assigned to the ISP “HOSTKEY B.V.”, located in the Netherlands. It is amazing that an ISP can provide email and log-in spammers with the means to perform such activities for years, without any official organ intervening.

As I understand it, most European countries have banned spamming and hacking as criminal offenses. However, it seems to me that international law in this field still remains a very theoretical construct. There seems to be no official organ with the means to enforce these laws, especially not internationally. Internet law seems pretty much toothless.

Even in case the ISP is not responsible for their customer’s actions, and even in case these activities are performed by an underground botnet that has unknowingly infected user’s computers, ISPs should still be obligated to notify their customers of such activities, so they can purge their computers of such malware. ISPs should also be obligated to block offending Internet users, if they don’t respond to such notifications.

ISPs that fail to keep their customers “in check” for years, as seems to be the case with “HOSTKEY B.V.”, should face the threat of being disconnected from Internet altogether. That should be financially disastrous enough to discourage any company from turning a blind eye to illegal activities.

IP              Tried to log in as
141.105.66.179  admin (39 lockouts)
5.39.219.27     admin (37 lockouts)
146.0.74.202    admin (35 lockouts)
146.0.74.208    admin (34 lockouts)
5.39.218.37     admin (34 lockouts)
5.39.219.25     admin (33 lockouts)
146.0.73.156    admin (31 lockouts)
146.0.74.212    admin (31 lockouts)
146.0.78.9      admin (30 lockouts)
146.0.74.204    admin (28 lockouts)
146.0.74.206    admin (27 lockouts)
146.0.74.234    admin (26 lockouts)
146.0.74.170    admin (25 lockouts)
146.0.74.28     admin (23 lockouts)
146.0.73.155    admin (22 lockouts)
146.0.79.23     admin (22 lockouts)
146.0.78.8      admin (15 lockouts)
146.0.73.133    admin (14 lockouts)
91.218.244.131  admin (10 lockouts)

Topics: blog | Comments Off on Top Log-in Spammers for August 2014

Comments are closed.