PSA: Beware | Nitro-Webhook-Agent

  • Resolved Generosus

    (@generosus)


    4 months, 1 week ago

    *** Public Service Announcement ***

    Issue:

    After complete removal of the plugin, NitroPack, the servers and/or IPs associated with NitroPack continue to ping or scrape websites for information via the user agent: Nitro-Webhook-Agent.

    Attacking IPs:

    46.101.77.196
    159.65.180.53
    178.62.81.205

    Click here for more information.

    Recommendations:

    1. Requesting Team Sucuri investigate in more detail this finding for comments and/or update their WAF rules for additional user protection.
    2. Until the issue is solved (permanently) by the developers of NitroPack, highly recommend blocking the above IPs and User Agent via Sucuri Security and/or CDN (via WAF rule).

    Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Generosus

    (@generosus)

    Note:

    The above recommendations apply only if the NitroPack plugin has been used in the past and is no longer needed.

    Cheers!

    Plugin Support sucuri1

    (@sucuri1)

    @generosus Thank you so much for letting us know about this issue. We’ll have our team take a look at the issue and see what can be done.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.