It’s been awhile, sorry to keep you waiting.
As of this post date, a large botnet is currently trying to gain access to many dashboards on WordPress sites, using various IP addresses from across the globe. Most of the IP addresses included in the botnet are mainly located within Amazon AWS and cellular servers. Luckily, it was easy for me to identify which addresses are engaged in this malicious activity, solely by looking at their user-agents via live web traffic (courtesy of Wordfence Security).
If you currently run a WordPress site, block this user-agent immediately, either by using htaccess or by using a security plugin:
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1
Have a good day, and stay safe.
– S.I.