A massive brute force attack uses 2.8 million IP addresses to take down VPNs

Nearly 2.8 million IP addresses are being used in a massive brute force attack targeting network devices, such as those offered by Palo Alto Networks, Ivanti, and SonicWall.

ExpressVPN DOWNLOAD

This type of attack, which seeks to access accounts by repeating combinations of username and password, has seen a notable increase since its emergence in early January.

According to reports from the Shadowserver Foundation, the implicated IP addresses come from various parts of the world, with more than 1.1 million of them originating in Brazil, followed by Turkey, Russia, Argentina, Morocco, and Mexico.

How attacks against VPNs are being carried out

The attackers appear to be using botnets and residential proxy networks to carry out these attacks, complicating their tracking by authorities. A botnet is a network of computers infected with malware, while residential proxies allow criminals to access the internet using IP addresses that appear legitimate. This helps them hide their identity and maintain their anonymity, which poses a considerable challenge for cybersecurity.

Despite the scale of the attack, to date, none of the major VPN services have been compromised. However, the importance of implementing strong passwords and enabling two-factor authentication (2FA) to protect devices and networks is emphasized, especially for small and medium-sized enterprises that are often more vulnerable to these attacks.

A strong business VPN not only encrypts internet traffic but also protects data and allows secure access to servers and networks.

ExpressVPN DOWNLOAD

All users, whether individuals or businesses, are advised to adopt good data privacy practices and consider using a VPN, which will provide an additional layer of security. Although there is a possibility that this type of attack will continue to increase, implementing appropriate measures helps mitigate the risk.