Elevated Risk
IP 91.92.243.235 is a high-risk address assessed at 8/10 threat level with 93% confidence, primarily linked to WordPress login brute-force attacks originating from the Omegatech LTD network in the United States. The IP has accumulated 158 total abuse reports, with automated honeypot sensors flagging it 20 times for WordPress authentication abuse during April 2026 alone, making it a persistent and active threat to web-facing authentication systems.
Analysis of the detection data reveals sustained malicious activity concentrated in April 2026, with the dominant threat vector being WordPress brute-force login attempts. The 93% confidence score and elevated activity frequency of 8/10 indicate a reliable threat profile backed by substantial reporting volume. This activity was captured through automated honeypot infrastructure, with internal fail2ban telemetry confirming repeated wordpress-escalation jail violations totalling 50 instances, alongside 5 recidive violations indicating the source has been blocked previously yet continues targeting systems. The presence of multi-jail offender patterns demonstrates deliberate, repeated engagement with authentication infrastructure.
WordPress brute-force attacks represent a concrete and serious threat to any organisation running WordPress instances. Attackers systematically enumerate username and password combinations against the wp-login.php endpoint, exploiting weak or default credentials to gain unauthorised administrative access. Once compromised, an attacker can install malicious plugins, inject malware, exfiltrate sensitive data, or pivot to further network intrusion. The fail2ban wordpress-escalation pattern detected here signals that the attacker has already been blocked by standard defensive rules yet persistently retries from this address, indicating either automated tooling or deliberate intent to overwhelm authentication systems.
Site operators should immediately block this IP at the firewall or network perimeter, and configure web application firewalls to rate-limit authentication endpoints. Implementing multi-factor authentication on all WordPress administrator accounts significantly raises the bar for credential-based attacks. Tools such as fail2ban should be tuned with aggressive wordpress-escalation thresholds and recidive jail settings to automatically block repeat offenders. Regular monitoring of authentication logs for unusual request patterns from this address and enforcement of strong password policies across all accounts will further reduce exposure to this class of threat.
MU 
MX 
SC 
UA 
RO 
EG