Brute Force Attept Blocked, But Where Originating?

I get numerous notifications each day that state: "Multiple failed login attempts were made by 80.66.88.208 using the protocol. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy." All good, but what is "the protocol"? I am trying to figure out where this is originating - as in a failed LAN attempted login or some malicious software? Appears there should be some description of "the _________ protocol" that is missing in the notification. The IP addresses (in this example 80.66.88.208) are generally different for each notification and these are not on my LAN. Concerned that something on my LAN or computer is trying to talk to these external devices. Thanks for any insights.

Best Answer

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭
    Answer ✓

    Hello.

    I think that the best option for you is to contact Bitdefender Consumer Support, as the support engineers could take a deeper look at the issue, so do the steps below.

    First, take screenshot(s) of the issue,

    create a log file on your Windows device using Bitdefender Support Tool, by following these steps:

    and

    create a log file on your Windows device using BDsysLog, by following these steps:

    Next, contact Bitdefender Consumer Support by e-mail:

    with short description of the issue.

    After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.

    Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.

    Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.

    Remember that the screenshot(s) and the log files will help a lot to the support engineers for better and faster investigation on your issue and finding a solution.

    Regards.

Answers

  • Thank you Gjoksi for your quick and detailed suggestion.

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod

    In addition to above stated steps by @Gjoksi, I would also request you to reset your router/ modem to default settings and then change the settings as per your requirements.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Cosmin P.
    Cosmin P. QA Engineer ✭✭✭

    Hello,


    The protocol should be RDP, we have an issue where we do not display the protocol correctly.

    The detection seems legit after a quick google search: https://www.abuseipdb.com/check/80.66.88.208

  • Thank you! @Cosmin P. 👍️

    Premium Security & Bitdefender Endpoint Security Tools user