Cisco says in just one week in February they detected 1, 127, 818 different IP addresses being used to launch 744, 361, 093 login attempts on 220, 758, 340 different email addresses — and that 93% of those attacks were directed at two financial institutions in a massive Account Takeover (ATO) campaign. An anonymous reader writes: Crooks used 993, 547 distinct IPs to check login credentials for 427, 444, 261 accounts. For most of these attacks, the crooks used proxy servers, but also two botnets, one of compromised Arris cable modems, and one of ZyXel routers/modems. Most of these credentials have been acquired from public breaches or underground hacking forums. This happened before the recent huge data breaches such as MySpace, LinkedIn, Tumblr, and VK.com. It’s apparently similar to the stolen-credentials-from-other-sites attack that was launched against GitHub earlier this week. Read more of this story at Slashdot.
Excerpt from:
One Million IP Addresses Used In Brute-Force Attack On A Bank
