Informed Webmaster

I get notified of a lot of failed login attempts to my WordPress sites. Not so much lately, but it seems to come in waves. I also get failed attempts to retrieve passwords. Their IPs (of which I assume they have hundreds of) are blocked for the maximum of 3 months. There are dozens of failed upload events, along with other seedy attempts to break into my sites.

Last night, however, I received about 350 emails overnight from a "hacker" (or more likely a pack of hackers) who apparently connected to my machine and viewed me thru my web cam. I don't have a web cam.

They wanted $800 in bitcoin and wanted it now. Needless to say, I didn't send the money (surprise, surprise) but I did send those emails into the abyss, I call "the delete bin", which I then purged.

So, what's happening in your neck of the woods these days from hackers?

I have been getting those for ages (must be a year now). I don't have a web cam either.

Local police have already made social media posts about this fraud.

I added the email addresses to my Outlook mail rules and send them right to Spam bucket.

LMD wrote: Tue Jun 02, 2020 3:55 pm
So, what's happening in your neck of the woods these days from hackers?

About the same as you. I was getting about 200 a day for about a week. I turned off the SSH and now it is down to 2 or attempts to login to postfix. If I need SSH I will just restart the scripts. You will get a kick out of this. I enabled for about 15 minutes the other day and they hit me 3 times in that tiny window.

As for the WP sites, it all depends on how the scripts are written but you may be able to rename wplogin to some random name that only you know. Then let the b****** keep trying. I used to have a fake login script that once they tried to login said "If this file exists you f***** up and recorded all their info to a cracker table in the db.