An aggressive tool hitting a sizable number of popular web services and platforms is trying to brute force its way in with login combinations obtained from parsing metadata from the target. The malware looks for various systems for managing content, databases, and file transfers as well as backup files and administrator login paths. The version analyzed by Cashdollar targets cPanel, Drupal, Bitrix, OpenCart, Magento, and services like MySQL, Postgres, SSH, and FTP. By using multiple machines to run the login attempts, the attackers are likely hoping to bypass brute force protections for an increased number of tries.
Source: https://www.bleepingcomputer.com/news/security/bruteforce-malware-probes-login-for-popular-web-platforms/