Malware / Botnet / Phishing hosting server @45.10.244.108

According to our telemetry and our own intelligence, the host at this IP address has been set up by cybercriminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address.

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 45.10.244.108 port 443:
$ telnet 45.10.244.108 443
Trying 45.10.244.108...
Connected to 45.10.244.108.
Escape character is '^]'

Malicious domains observed on this IP address:

Published in category: ruvds.com
