State Sponsored hacking?


So yesterday my site got hit by a large number(140) of Chinese IP addresses  all trying to login to my site.

Fail2 ban blocked them and sent me lots of emails:

Then this morning another pile of Chinese IP addresses ( over 100 ) attempted to login to my email server:

Fail2ban blocked those too.

Then this afternoon I noticed another pattern appearing in my logs:

And guess what… it’s China again….  and soon after this rather obvious controlled bot attack the wp-login attempts started again.

Getting pretty sick and fed up of this sort of thing from China – It’s odd how the Great Firewall of China doesn’t stop hacking attempts from within the country…..


This entry was posted in Sad Spammers and tagged , , , . Bookmark the permalink.

2 Responses to State Sponsored hacking?

  1. Wolf Jäger says:

    Hello Steve,
    greetings from Germany. My little Blog is the second Time in December Attacked from China. The Login limitation Plugin from WordPress is my Friend… The First Attack is beginning in 6. December in 0.01 AM and ending in 26 hours… It is Cyber Terrorism- and i am not heavy armed….

    • Steve says:

      I use fail2ban which runs over the apache logs and then firewalls them, keeps the load off the webserver. I have fail2ban to delist after 2 weeks.. most of the IP addresses go back onto the list within 24 hours. So this onslaught is not stopping….

Leave a Reply