Yeah I've been seeing a lot of these and we confirmed today that just by going through a few of them that they'll hammer servers non stop until they bruteforce the password and get in - as soon as it gets in, all incorrect root login attempts basically stop.
Something worth noting is it seems...