Wordfence security plugin for WordPress has detected a very large distributed brute force login attacks against WordPress websites on the Internet.
The attack began 11:00 am eastern standard time (EST) on February 10, 2014. Wordfence personnel reported a 30-times increase in the volume of brute force attacks across WordPress websites running the WordPress.org software. The attack is being reported across the Internet from customers utilizing WordPress websites.
Wordfence has released a blog post at the following link: Large distributed brute force attack underway
Customers are encouraged to monitor their WordPress websites for any unusual activity.
Customers are encouraged to participate in the real-time Wordfence security network. This will immediately block any attack originating from an IP address that has attacked other WordPress sites.
Customers are advised to contact the vendor or subscribe to the WordPress Security mailing list
to stay current and receive the latest information on this attack.