COMPROMISED IP LIST APRIL 5-20, 2013

In a previous article, http://www.carolinafinds.com/blog/list-of-possibly-compromised-ips, I spoke of an ongoing Brute Force Attack of ip’s trying to log in to this blog. I don’t know if the original attack is connected to the one currently hitting a massive number of WordPress sites.

Both sucuri.net and us-cert.gov (as well as a lot of other websites) have information about the ongoing attack as well as things people can do to make their websites more secure. Looks like someone is building a bot network for unknown reasons and it’s growing.

Below is a list of ip’s which have tried to log in to this site between the period of April 5th and April 20th. It’s not all inclusive – new ip’s are constantly being compromised and added to the attack. Google is your friend – there are other lists out there with even more ip’s listed. **

108.163.128.206
115.187.79.147
168.144.196.233
173.230.144.201
174.121.92.190
174.127.117.77
178.208.91.196
178.63.253.197
178.77.97.114
180.188.194.54
184.154.36.210
184.168.112.26
184.168.114.10
185.15.196.72
188.165.202.45
188.40.69.202
198.1.103.205
198.154.229.38
198.57.163.161
198.98.113.47
199.180.252.22
199.195.143.121
199.223.214.154
203.98.75.98
207.58.139.238
207.58.185.126
208.113.184.22
208.113.197.94
208.113.198.170
208.115.125.60
208.116.36.230
209.51.142.178
210.188.201.162
210.188.201.41
210.210.178.20
216.224.175.71
24.234.3.189
31.210.86.205
37.247.99.82
46.165.198.100
5.135.158.104
50.63.154.219
61.19.248.138
64.202.240.136
64.207.146.169
64.22.33.10
65.254.168.168
65.254.40.154
65.44.220.57
65.60.19.242
66.36.228.123
66.55.144.244
66.135.37.211
67.205.1.74
67.205.24.238
67.205.45.80
67.205.45.170
67.215.243.250
69.163.183.221
69.163.202.16
69.163.221.149
69.174.241.113
69.174.254.88
72.14.185.153
72.32.68.101
72.167.13.19
74.117.61.88
77.235.47.247
77.93.192.212
78.142.63.82
80.68.95.137
80.78.247.92
80.86.105.174
83.243.57.33
85.10.195.141
85.95.238.76
85.119.183.223
85.158.215.36
85.190.5.212
85.214.27.40
85.25.73.37
87.253.162.6
89.38.207.234
89.44.200.154
91.121.152.5
91.184.49.98
91.203.108.132
92.114.86.81
93.114.41.220
93.187.140.18
94.23.234.227
95.154.234.101
95.173.186.104
96.127.139.170

** I believe these ip’s are all compromised. If, however, you “own” one of these ip’s and you feel you have been listed in error, please contact me and I will either provide you with logs as proof or correct any error I may have made.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.