Loki botnet controller @194.169.163.77

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 194.169.163.77 port 443:
$ telnet 194.169.163.77 443
Trying 194.169.163.77…
Connected to 194.169.163.77.
Escape character is ‘^]’

Malicious domains observed at this IP address:
app-decline-transaction-help.com. 600 IN A 194.169.163.77
customer-id8319.com. 600 IN A 194.169.163.77
decline-transaction-request-help.com. 600 IN A 194.169.163.77
deliveryparceluk-reschedule.info. 600 IN A 194.169.163.77
lloyds-accessaccount.com. 600 IN A 194.169.163.77
mysantsmobile-app.com. 600 IN A 194.169.163.77
nhs-applycovid-pass.com. 600 IN A 194.169.163.77
nhscovidapplypass.com. 600 IN A 194.169.163.77
o2updatebilling.com. 600 IN A 194.169.163.77
orderhome-testkit.com. 600 IN A 194.169.163.77
po-local-branchs.com. 600 IN A 194.169.163.77
po-missed-shipment.com. 600 IN A 194.169.163.77
po-redeliverpackage.com. 600 IN A 194.169.163.77
post-relocation.com. 600 IN A 194.169.163.77
posupport-help.com. 600 IN A 194.169.163.77
reschedule-mypo.com. 600 IN A 194.169.163.77
revenue-taxreturn.com. 600 IN A 194.169.163.77

Опубликовано
В рубрике ruvds.com

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *