Hackers using brute force attacks on wordPress sites & installing Monero

This activity has been increasing and there has now been concern in the wordPress community over a new technique hackers are using to install Monero into users websites. Hackers are attempting to guess admin logins in order to get into the wordpress sites.

Judging by the amount of activity this seems to be intensely getting worse and as of Monday December 18th we have witnessed the greatest activity ever.

Over 190,000 wordPress sites being attacked per hour

To give you an idea on how large this massive attack is and the rate its been hitting wordPress sites it seems like there is no end in site as of yet. At one point the monitors tracked more than 14 Million attacks per hour. WordPress is vamping up their logs just to keep up with the activity.

The repo was shared over reddit and gitHub to help increase the attacks. There seems to be a file they are using to help them test their attacks. I think i heard somehwere that this file may contain documented common password list based on domain names and the contents of the sites.

What are the hackers intentions?

They want to install Monero into your sites. Along with this attack there is also code installed to help them spread the attack to other sites. Somone at WordPress was able to detect this activity on their servers and was able to monitor the current situation.

How much have the hackers acheived?

So far there have been numerous sites that have already been compromised. Hackers have made over $100,000 worth of Monero thanks for your sites they have used so far. As the amount is currently growing the exact amount the hackers will steal is yet to be calculated. The names of the malware campaigns that have been documented are: Zealot, Hexmen, & Loapi. As a result Monero's price has been driving toward the sky!