Botnet hosting (escalation)

Due to massive and repeated botnet hosting, as well as the fact that hostway provides bulletproof hosting to botnet operators by ignoring abuse reports sent by Spamhaus and 3rd parties, we consider their network as harmful and risky for our users. As a result, we advise our users to not accept network traffic from hostway.ru’s IP space.

Date: 2021-10-26
To: abuse@hostway.ru,dl@hostway.ru
Subject: SBL Notify: IP: 193.56.146.64 added to Spamhaus Botnet Controller List (BCL)

Date: 2021-11-02
To: abuse@hostway.ru,dl@hostway.ru
Subject: [Spamhaus] REMINDER: RedLineStealer botnet controller at 193.56.146.64 (SBL535139)

Date: 2021-11-05
To: abuse@hostway.ru,dl@hostway.ru
Subject: [Spamhaus] FINAL REMINDER: RedLineStealer botnet controller at 193.56.146.64 (SBL535139)

_____________________________________________________

AS number: 207566
AS name: HOSTWAY-AS, RU

Prefixes:
91.241.19.0/24 4608 7575 6762 31500 207566
193.32.164.0/22 4608 7575 6762 31500 207566
193.56.146.0/24 4608 4826 6939 207566

CIDR report:
https://www.cidr-report.org/cgi-bin/as-report?as=AS207566

_____________________________________________________

SBL536791
193.56.146.133/32 hostway.ru
18-Nov-2021 08:48 GMT
Malware botnet controller @193.56.146.133

SBL536385
193.56.146.158/32 hostway.ru
13-Nov-2021 08:09 GMT
Amadey botnet controller @193.56.146.158

SBL536381
193.56.146.36/32 hostway.ru
13-Nov-2021 08:04 GMT
Malware distribution @193.56.146.36

SBL536379
193.56.146.0/24 hostway.ru
13-Nov-2021 07:59 GMT
Dirty network: Janeiro LLC

SBL535451
193.56.146.214/32 hostway.ru
31-Oct-2021 07:32 GMT
RaccoonStealer botnet controller @193.56.146.214

SBL535427
193.56.146.244/32 hostway.ru
30-Oct-2021 21:44 GMT
Tofsee botnet controller @193.56.146.244

SBL535363
193.56.146.130/32 hostway.ru
29-Oct-2021 10:16 GMT
Carding fraud site/forums: fe-acc18.ru (DNS)

SBL535360
193.56.146.237/32 hostway.ru
29-Oct-2021 07:33 GMT
Carding fraud site/forum: infodig.is (InfoDIG.sx InfoDIG.ch InfoDIG.domains infodig.mn)

SBL535139
193.56.146.64/32 hostway.ru
26-Oct-2021 12:23 GMT
RedLineStealer botnet controller @193.56.146.64

SBL535059
193.56.146.110/32 hostway.ru
25-Oct-2021 08:14 GMT
Carding fraud site/forums: fe-acc18.ru

Опубликовано
В рубрике selectel.ru

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *