A security firm “Wordfence” reported on Tuesday that tens of thousands of vulnerable home routers have been hacked and abused to launch attacks on WordPress websites. Moreover, the company noticed that the number of attacks launched against customer websites from Algeria had increased significantly compared to the previous period. A closer analysis of the more than 10,000 attacking IP addresses revealed that most were associated with state-owned telecoms company “Telecom Algeria”.
Wordfence has determined that hackers exploited vulnerabilities in the routers provided by Telecom Algeria to customers, and then abused the hijacked devices to launch brute-force and other types of attacks on WordPress sites.
Researchers identified compromised routers from 27 other ISPs worldwide, including ones in Pakistan, India, the Philippines, Turkey, Egypt, Morocco, Malaysia, Brazil, Indonesia, Serbia, Saudi Arabia, Russia, Romania, Sri Lanka, Croatia and Italy.
The company reported that, over the course of three days, 6.7 percent of all attacks aimed at protected WordPress websites came from home routers that have port 7547 open.