More then 10,000,000+ Hacking Attack on NEARnft Website

NDC Community and nodes
1

Last 30 days hacking attack report of NearNFT Website.

Too many hackers are trying to HACK NearNFT Website.

Last month we have blocked more than 10,000,000+ website bot attack

  1. IP Country Block Count
    39.50.124.250 Pakistan 119
    20.216.2.198 United States 115
    81.177.175.244 Russian Federation 39
    52.73.197.166 United States 38
    23.96.124.120 United States 38
    2a02:c207:2019:8862::1 Germany 38
    87.107.68.173 Iran, Islamic Republic of 36
    74.208.50.133 United States 33
    198.50.153.208 United States 22
    51.12.92.185 Sweden 17
    163.123.142.249 United States 15
    31.210.20.99 United States 7
    2.56.59.95 United States 5
    163.123.142.178 United States 4
    178.159.37.40 Ukraine 4
    37.0.11.64 Netherlands 4
    31.210.20.114 United States 4
    103.245.72.30 Indonesia 4
    37.115.144.99 Ukraine 3
    2607:f130:0:107:d6ae:52ff:febb:96a United States 3
    173.212.245.128 Germany 3
    139.59.248.21 Singapore 2
    2a02:c206:2079:2250::1 Germany 2
    34.76.147.42 Belgium 2
    95.173.161.171 Turkey 2
    195.204.187.15 Norway 2
    80.80.228.6 Switzerland 2
    165.22.116.165 United Kingdom 2
    5.248.226.105 Ukraine 2
    77.68.6.111 United Kingdom 2
    35.175.136.149 United States 2
    87.98.232.20 Poland 2
    37.130.93.161 Turkey 2
    52.21.0.38 United States 2
    103.174.115.103 Unknown 2
    46.161.39.76 Russian Federation 2
    37.115.216.247 Ukraine 2
    5.101.157.10 Russian Federation 2
    34.87.101.136 Singapore 2
    157.230.253.37 Singapore 2
    81.169.207.7 Germany 1
    2400:6180:0:d0::3b5:4001 Singapore 1
    91.241.51.98 Turkey 1
    51.161.0.213 Canada 1
    103.110.84.88 Vietnam 1
    65.21.126.186 Finland 1
    110.42.175.75 China 1
    212.129.40.13 France 1
    85.128.143.15 Poland 1
    152.32.142.123 Nigeria 1
    2604:a880:400:d0::1b92:a001 United States 1
    43.154.60.80 China 1
    165.232.71.87 Germany 1
    52.95.251.100 United States 1
    103.237.145.122 Vietnam 1
    13.233.193.75 India 1
    121.50.43.205 Japan 1
    2001:41d0:303:f1cc:: France 1
    161.97.133.150 Germany 1
    2a01:e0a:7c:d40:2e2:5cff:fe68:79e8 France 1
    51.38.169.101 Spain 1
    103.104.123.42 Vietnam 1
    177.153.50.81 Brazil 1
    64.227.169.212 United States 1
    107.170.36.82 United States 1
    207.180.240.167 Germany 1
    82.223.222.117 Spain 1
    147.182.229.61 United States 1
    2604:a880:4:1d0::25e:c000 United States 1
    95.108.213.35 Russian Federation 1
    103.226.250.27 Vietnam 1
    188.166.235.31 Singapore 1
    121.42.173.104 China 1
    2001:41d0:203:109c:: France 1
    159.65.244.245 United States 1
    2a00:1828:1000:2504::2 Germany 1
    103.77.160.73 Vietnam 1
    177.55.118.235 Brazil 1
    61.77.106.99 South Korea 1
    106.12.147.12 China 1
    198.199.76.62 United States 1
    82.66.92.137 France 1
    147.139.172.47 Indonesia 1
    2400:6180:100:d0::9bb:1 India 1
    94.247.172.123 Sweden 1
    164.68.127.180 Germany 1
    2a02:c207:2047:2318::1 Germany 1
    185.149.40.222 Ukraine 1
    5.202.189.212 Iran, Islamic Republic of 1
    120.55.169.254 China 1
    2001:df7:ce00:2::4 Vietnam 1
    34.133.253.82 United States 1
    85.128.143.178 Poland 1
    159.65.39.113 United States 1
    103.3.247.65 Vietnam 1
    176.235.216.155 Turkey 1
    60.205.205.107 China 1
    104.168.36.11 United States 1
    143.244.166.16 United States 1
    2400:6180:100d0::2db:3001 India 1

  2. Top Countries by Number of Attacks - Last 7 Days
    Country Block Count
    Pakistan 119
    United States 77
    Germany 45
    Iran, Islamic Republic of 37
    Singapore 5
    China 4
    South Korea 2
    Russian Federation 2
    Ukraine 2
    Indonesia 2

3 Login Attempts Failed

Username IP Date
yashannapolisllc 103.81.92.137 February 12, 2022 2:47 am
admin 104.248.150.29 January 23, 2022 8:54 am
admin 104.248.150.29 January 23, 2022 8:54 am
admin 104.248.150.29 January 23, 2022 8:54 am
admin 202.179.185.178 January 22, 2022 11:33 pm
admin 202.179.185.178 January 22, 2022 11:33 pm
admin 202.179.185.178 January 22, 2022 11:33 pm
admin 18.185.90.138 January 22, 2022 10:52 pm
admin 18.185.90.138 January 22, 2022 10:52 pm
admin 104.248.150.29 January 22, 2022 5:40 pm
admin 104.248.150.29 January 22, 2022 5:40 pm
admin 104.248.150.29 January 22, 2022 5:40 pm
yashannapolisllc 142.132.167.132 January 22, 2022 2:58 pm
admin 188.166.208.188 January 21, 2022 3:34 pm
admin 188.166.208.188 January 21, 2022 3:33 pm
admin 188.166.208.188 January 21, 2022 3:33 pm
admin 34.101.165.163 January 21, 2022 6:59 am
admin 34.101.165.163 January 21, 2022 6:59 am
admin 52.176.55.235 January 21, 2022 4:28 am
admin 52.176.55.235 January 21, 2022 4:28 am
admin 52.176.55.235 January 21, 2022 4:27 am
admin 34.142.50.239 January 21, 2022 1:25 am
admin 34.142.50.239 January 21, 2022 1:25 am
admin 34.142.50.239 January 21, 2022 1:25 am
naveen 62.102.148.164 January 21, 2022 12:43 am
yashannapolisllc 2a0b:f4c2::11 January 20, 2022 6:06 pm
yashannapolisllc 2a0b:f4c2::11 January 20, 2022 6:06 pm
yashannapolisllc 2a06:1700:0:16::1 January 20, 2022 6:06 pm
admin 125.164.234.135 January 20, 2022 12:12 am
admin 125.164.234.135 January 20, 2022 12:12 am
admin 125.164.234.135 January 20, 2022 12:12 am
admin 125.164.234.135 January 20, 2022 12:12 am
admin 125.164.234.135 January 20, 2022 12:12 am
admin 125.164.234.135 January 20, 2022 12:12 am
admin 125.164.234.135 January 20, 2022 12:12 am
admin 125.164.234.135 January 20, 2022 12:12 am
admin 164.92.245.223 January 19, 2022 10:49 am
admin 164.92.245.223 January 19, 2022 10:49 am
admin 164.92.245.223 January 19, 2022 10:49 am
admin 185.246.208.36 January 18, 2022 5:19 pm
admin 185.246.208.36 January 18, 2022 5:19 pm
admin 185.246.208.36 January 18, 2022 5:19 pm
admin 41.142.84.157 January 18, 2022 4:55 pm
admin 41.142.84.157 January 18, 2022 4:55 pm
admin 185.101.32.20 January 18, 2022 4:05 pm
admin 185.101.32.20 January 18, 2022 4:05 pm
admin 65.1.1.61 January 18, 2022 9:49 am
admin 65.1.1.61 January 18, 2022 9:49 am
admin 65.1.1.61 January 18, 2022 9:49 am
admin 65.1.1.61 January 18, 2022 9:49 am
admin 34.213.163.27 January 18, 2022 9:43 am
admin 34.213.163.27 January 18, 2022 9:43 am
admin 34.213.163.27 January 18, 2022 9:43 am
admin 34.213.163.27 January 18, 2022 9:43 am
admin 34.217.209.216 January 18, 2022 9:39 am
admin 34.217.209.216 January 18, 2022 9:39 am
admin 34.217.209.216 January 18, 2022 9:39 am
admin 34.217.209.216 January 18, 2022 9:39 am
admin 16.170.230.116 January 18, 2022 9:36 am
admin 16.170.230.116 January 18, 2022 9:36 am
admin 16.170.230.116 January 18, 2022 9:36 am
naveen 62.102.148.130 January 17, 2022 8:32 am
nexgen 193.37.32.223 January 17, 2022 4:29 am
nexgen 193.37.32.223 January 17, 2022 4:29 am
nexgen 193.37.32.223 January 17, 2022 4:29 am
nexgen 193.37.32.223 January 17, 2022 4:29 am
staff 178.128.223.187 January 17, 2022 3:41 am
staff 178.128.223.187 January 17, 2022 3:41 am
staff 178.128.223.187 January 17, 2022 3:41 am
staff 178.128.223.187 January 17, 2022 3:41 am
dresstomari301005 178.128.223.187 January 17, 2022 2:04 am
dresstomari301005 178.128.223.187 January 17, 2022 2:04 am
dresstomari301005 178.128.223.187 January 17, 2022 2:03 am
admin 52.152.221.136 January 16, 2022 1:18 pm
admin 52.152.221.136 January 16, 2022 1:18 pm
admin 52.152.221.136 January 16, 2022 1:18 pm

  1. Total Attacks Blocked:
    download (19)

  2. We tested https://nearnft.club/ on all our checkpoints. See the results below.

    download (20)
    download (20)853×1045 442 KB

  3. Traffic logging mode: Security-related traffic only. Login and firewall activity will appear below.
    Location Page Visited Time IP Address Hostname Response View
    Ahmedabad, India /login/ 3/27/2022 12:22:13 PM 150.129.206.93 150.129.206.93 302
    (OPENS IN NEW TAB)
    Germany /wordpress-old 3/27/2022 10:55:21 AM 2a02:c207:2019:8… 403
    (OPENS IN NEW TAB)
    Germany /blogs 3/27/2022 10:55:20 AM 2a02:c207:2019:8… 403
    (OPENS IN NEW TAB)
    Germany /bkp 3/27/2022 10:55:19 AM 2a02:c207:2019:8… 403
    (OPENS IN NEW TAB)
    Germany /cms 3/27/2022 10:55:18 AM 2a02:c207:2019:8… 403
    (OPENS IN NEW TAB)

SHEET OF HACKER IP ADDRESS

@marketingdao-council @nearity @CommunityDAO Hello Near Community I just made this report for all the near project websites if you are also getting some of the attacks you can block the upper given IP address for securing your site

9 Likes
2

Thanks for sharing, will let the security team know :100:

Stay safe! :v:

2 Likes
3

Thanks for sharing this with the community!

2 Likes
4

Thanks for sharing this, will forward it to one of my frens. :grin::raised_hands:

2 Likes
5

TODAY OUR @NearNft WEBSITE GOT ATTACKED BY SQL INJECTION

image
image1920×1080 105 KB

AFTER 5 HRS OF CLEANING THE DATABASE WE FOUND THE VIRUS AND REMOVE IT FROM THE WEBSITE

SOME OF THE BEST TIPS FOR WEBSITE

  1. TAKE MULTIPLE BACKUPS OF CPANEL
  2. CHECK DATABASE AND SQL DAILY
  3. UPDATE ALL PLUGINS AND THEMES

THESE ARE THE SOME OF THE ATTACK IP
https://docs.google.com/spreadsheets/d/AcLSFNivGXo5DnoPqAdVxHB7qQrUvxjgXxmrGhEFH6v4/edit?usp=sharing

2 Likes
6

download (30)

WE HAVE FOUND THAT SOMEONE IS LOGIN 24 HRS AGO FROM THE USA

Untitled design (1)
Untitled design (1)1920×1080 111 KB

2 Likes