Last week, WordFence reported a huge spike in brute force password-guessing attacks on their websites they protect. They looked into the IP's that are behind the surge in attack volume and discovered a home router botnet appears to have started attacking again.
Back in April, WordFence wrote about a home router botnet that was being used to attack WordPress websites. Many of those attacks were originating from IPs that had a specific port (7547) open and were running a vulnerable version of remote management software called Rompager. WordFence published a list of 28 ISPs with suspicious attack patterns indicating compromised routers and built a tool that checks if your router is vulnerable. In early May WordFence wrote about that same botnet shutting down.
Read the rest: www.goo.gl/3Mc7NE