Major cyberattack targets 2,800,000 IP addresses in 'brute force' attack

Experts have warned of the severity of the issue

Experts have warned of a recent major cyberattack that has affected around 2,800,000 IP addresses worldwide, where threat actors have tried to use brute force techniques to break into various networking devices and accounts.

Cyberattacks are among the most dangerous threats of the modern internet age, as they expose people to significant vulnerabilities that can lead to extortion and more.

Hacking professionals have warned about the signs you can use to spot and prevent malicious attacks, which can sometimes be as simple as a plain USB cable, but it's scary how easy it can be to become compromised, especially by wide-scale threats.

As reported by TechRadar, one recent cyberattack has targeted around 2.8 million different IP addresses in order to guess the passwords for Virtual Private Networks (VPNs) and other network devices, especially those built by Palo Alto Networks, Ivanti, and SonicWall, among others.


This has been outlined by The Shadowserver Foundation - an alliance whose mission is to bring awareness to vulnerabilities and malicious activity. They outlined on their official X account:

"Large increase in web login brute forcing attacks against edge devices seen last few weeks in our honeypots, with up to 2.8M IPs per day seen with attempts."

It's indicated that around 1,000,000 of these IPs can be traced to Brazil, with others originating from Argentina, Mexico, Morocco, Russia, and Turkey.

The 'brute forcing' attacks mentioned above involve an overwhelming number of login attempts in order to break into an account, typically those with weaker passwords that don't take as long to crack.

These are typically achieved through automation, which is made possible through malware installed onto the affected devices. This ensures that the process is not only a lot quicker, but also affects a far larger number of devices, which increases the danger.

Hackers are likely using residential proxies to hide their actions, making them harder to prevent (Getty Stock)

On top of this, as per BleepingComputer, it's highly likely that these threat actors are using what are called residential proxies, which make the internet traffic appear as if it is coming from a 'normal' user at home as opposed to a scraper, bot, or hacker.

This makes them much harder to both detect and prevent, although recent dramatic increases in activity have made organizations like The Shadowserver Foundation aware of the issue.
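As an added illustration (not from the original article or from Shadowserver), the sketch below shows why rotating source addresses slips past a simple per-IP failure limit, and how counting distinct sources per account still surfaces the activity. The log format, thresholds and addresses are constructed assumptions.

```python
import re
from collections import defaultdict

# Hypothetical log format: "<timestamp> login_failed user=<name> src=<ip>"
LINE = re.compile(r"^(\S+) login_failed user=(\S+) src=(\S+)$")

def build_sample():
    """Constructed log lines (documentation IP ranges, not real traffic)."""
    lines = []
    # Distributed guessing: 60 failures, one attempt per source address.
    for i in range(60):
        lines.append(f"2025-01-01T10:{i:02d}:00Z login_failed user=admin src=203.0.113.{i + 1}")
    # Classic single-source brute force: 15 failures from one address.
    for i in range(15):
        lines.append(f"2025-01-01T10:00:{i:02d}Z login_failed user=vpnuser src=198.51.100.7")
    # An ordinary user mistyping a password twice.
    for i in range(2):
        lines.append(f"2025-01-01T10:05:{i:02d}Z login_failed user=alice src=192.0.2.44")
    return lines

def analyse(lines, per_ip_limit=10, distinct_ip_limit=20):
    """Return (addresses over the per-IP limit, accounts hit from many addresses).

    Both limits are illustrative assumptions, not recommended values.
    """
    per_ip = defaultdict(int)         # failures per source address
    ips_per_user = defaultdict(set)   # distinct sources failing against each account
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # ignore anything that is not a failed-login record
        _, user, src = m.groups()
        per_ip[src] += 1
        ips_per_user[user].add(src)
    noisy_ips = sorted(ip for ip, n in per_ip.items() if n >= per_ip_limit)
    sprayed_users = sorted(
        user for user, ips in ips_per_user.items() if len(ips) >= distinct_ip_limit
    )
    return noisy_ips, sprayed_users

if __name__ == "__main__":
    noisy, sprayed = analyse(build_sample())
    print("flagged by per-IP limit:", noisy)
    print("flagged by distinct sources per account:", sprayed)
```

In the sample, the per-IP limit catches only the single noisy address, while the 60 one-attempt sources against the same account are visible only in the per-account view.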

One of the best things you can do to avoid falling prey to attacks like this is to ensure that your password is sufficiently complex, including a variety of uppercase and lowercase letters, numbers, and special characters.

Using a service like PasswordMonster can help you gauge how secure your passwords are, giving an indication of how long they'd take to crack under a system like the ones discussed here.

Additionally, enabling features like multi-factor authentication gives you an additional layer of protection when targeted in an attack, and it's well worth activating it if you want to keep your accounts safe.

Featured Image Credit: boonchai wedmakawand / Getty