Top 5 Brute Force Attacks

Password hacking has been around for quite some time. In fact, one could argue most of the tools and methods used to crack passwords have not changed all that much in recent years. Brute-force attacks remain the most popular –  and successful – attack vectors to obtain login information. Several of these attacks have proven to be quite successful over the past few years, affecting millions of consumers around the world.

#5 2013 WordPress Brute-force Attack Wave

wordpress logo

Popular DDoS protection provider Cloudflare noted a significant increase in brute-force attacks against WordPress platforms back in 2013. In fact, CloudFlare blocked as many as 60 million brute-force requests in one hour on April 13, 2013. This large-scale coordinated attack was one of the largest in recent history, luckily very few sites were compromised in the process.

#4 Club Nintendo (July 2013)

club nitendo logo

Nintendo has always been a popular company among gaming enthusiasts. Club Nintendo is a community membership site, where millions of users discuss everything related to their favorite company. In July of 2013, evidence surfaced of Club Nintendo suffering a major brute-force attack, which affected 25,000 forum members. It took hackers over 15 million brute-force attempts to crack these accounts. All affected accounts were promptly suspended until access had been restored to the rightful owners.

#3 US Utility’s Control Systems (2014)




To this date, it remains unclear which US utility company was compromised during this brute-force attack in 2014. According to Homeland Security, criminals were unsuccessful in gaining access to critical systems. However, that does not mean this attack should be overlooked by any means, as it highlights the dire need for better cyber security precautions in the utility industry. This particular attack was likely executed through an online portal which grants access to basic control systems.

#2 Alibaba’s TaoBao (2015)

alibaba logo

In February of 2016, it became clear the popular e-commerce platform TaoBao was affected by a massive brute-force attack. This platform, owned by the Alibaba group, saw close to 21 million user accounts getting compromised. This attack took place between October and November of 2015. A database containing 99 million usernames and passwords was used to brute-force existing TaoBao accounts. One in five of these attempts was successful, which highlighted how often people reuse bad passwords.

#1 GitHub

github logo

Perhaps the largest brute-force attack to be recorded in recent history affected GitHub in 2013. This particular brute-force password-guessing attack proved to be quite successful, as several accounts were compromised in the process. Even though GitHub stores passwords securely, criminals managed to compromise some accounts with relative ease.

During the attack, researchers identified brute-force login attempts being executed from close to 40,000 unique IP addresses. It remains unclear where the list of “weak” passwords came from. However, it is evident the attacks used a list of usernames and passwords they obtained through a different hack. It remains unclear how many accounts have been affected by this 2013 brute-force attack, as GitHub never officially disclosed that information.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

32 Comments

  1. BettyBuh September 27, 2020
  2. scasciple December 13, 2020
  3. Reggie Forno January 26, 2021
  4. Anonymous January 29, 2021
  5. cheap flights January 31, 2021
  6. cheap flights January 31, 2021
  7. cheap flights February 1, 2021
  8. http://tinyurl.com/ February 2, 2021
  9. cheap flights February 2, 2021
  10. http://tinyurl.com February 2, 2021
  11. KuikIrrer February 5, 2021
  12. Fqhhpseub February 5, 2021
  13. Kbcxbusy February 6, 2021
  14. Lbsxpseub February 6, 2021
  15. Aqcfshedgeled February 6, 2021
  16. Ahkdpseub February 7, 2021
  17. Jbbvpseub February 8, 2021
  18. JbnbInasy February 8, 2021
  19. Fvfctrabe February 9, 2021
  20. tinyurl.com February 11, 2021
  21. KbbfIrrer February 12, 2021
  22. other names for plaquenil February 12, 2021
  23. Fqbbpseub February 13, 2021
  24. Kvaxbusy February 13, 2021
  25. Labxpseub February 13, 2021
  26. Abcfshedgeled February 13, 2021
  27. Jbbnpseub February 15, 2021
  28. JbnvInasy February 15, 2021
  29. Ahbzpseub February 16, 2021
  30. buy chloroquine February 17, 2021
  31. Fbsgtrabe February 17, 2021
  32. Nbnhtrabe February 18, 2021

Leave a Reply