A threat actor in support of Russia has compromised at least 30 Ukrainian universities as vulnerability exploit attempts have surged, according to Wordfence.
The security firm has generated useful intelligence on the the attacks campaign as it protects over 8300 Ukrainian WordPress sites, including those of private businesses, government, military and police.
The attack campaign spiked on February 25th as the invasion began.
According to Mark Maunder., CEO of Wordfence parent company Defiant, total attempts to exploit WordPress vulnerabilities in Ukraine reached 144,000 on the day of the invasion, around three times that of daily attacks from earlier in the month.
This surged even further over a longer period.
“We compiled a list of websites that had received at least double the number of attacks from the day before the invasion started, until Monday February 28, which is a window of about 5.5 days, compared to the entire 27 days before the attack started. That’s about a 10 times increase in the average daily number of attacks,” Maunder explained.