The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 13.77.222.211 on port 7820 TCP: $ telnet 13.77.222.211 7820 Trying 13.77.222.211… Connected to 13.77.222.211. Escape character… Читать далее Vjw0rm botnet controller @13.77.222.211
Автор: blog
Vjw0rm botnet controller @20.203.136.95
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.203.136.95 on port 50933 TCP: $ telnet 20.203.136.95 50933 Trying 20.203.136.95… Connected to 20.203.136.95. Escape character… Читать далее Vjw0rm botnet controller @20.203.136.95
AsyncRAT botnet controller @20.151.200.9
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.151.200.9 on port 6606 TCP: $ telnet 20.151.200.9 6606 Trying 20.151.200.9… Connected to 20.151.200.9. Escape character… Читать далее AsyncRAT botnet controller @20.151.200.9
BitRAT botnet controller @20.80.30.45
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.80.30.45 on port 2222 TCP: $ telnet 20.80.30.45 2222 Trying 20.80.30.45… Connected to 20.80.30.45. Escape character… Читать далее BitRAT botnet controller @20.80.30.45
phishing server
hXXps://irs-gov.gov-us1.com hXXps://covid19-irs-gov.us-gpos.com $ host irs-gov.gov-us1.com irs-gov.gov-us1.com has address 20.106.157.143 New domains added regularly. gov-us1.com netflix-main-en.com us9ov.com netflix-main.com us-8233.com irs-claim-us.com saafen-us.com safeurl-amazon-us.com 20.106.157.143 covid19-irs-gov.us-gpos.com 2021-07-26 20:14:32 20.106.157.143 covid19-irs.gov-232us.com 2021-07-26 20:13:16 20.106.157.143 irs-gov-us.to-claim.com 2021-07-26 19:59:20 20.106.157.143 _.irs-gov.us-3422.com 2021-07-26 18:55:23 20.106.157.143 covid19-irs-gov.us-gops.com 2021-07-26 18:22:49 20.106.157.143 goooglesafelink.com 2021-07-26 15:43:45 20.106.157.143 redirect.goooglesafelink.com 2021-07-26 15:41:01 20.106.157.143 irs-gov.us19-gops.com 2021-07-26 15:26:56 20.106.157.143 isg0v.com… Читать далее phishing server
Phishing payload against BNP Paribas Fortis (Belgium)
$ host fortis.tullpostnord.com fortis.tullpostnord.com has address 51.103.72.154 This IP contains a live phishing payload against the customers of BNP Paribas Fortis (BE)
BitRAT botnet controller @20.80.51.178
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 20.80.51.178 on port 2222 TCP: $ telnet 20.80.51.178 2222 Trying 20.80.51.178… Connected to 20.80.51.178. Escape character… Читать далее BitRAT botnet controller @20.80.51.178
phishing server
hXXp://irs.transactional-gov-irs-753678.com/ $ host irs.transactional-gov-irs-753678.com irs.transactional-gov-irs-753678.com is an alias for transactional-gov-irs-753678.com. transactional-gov-irs-753678.com has address 13.72.74.98
phishing server
fb-privacy-1000004248715562451427-tw.tk has address 23.98.144.97 fb-privacy-1000004248715562451425-tw.tk has address 23.98.144.97 fb-privacy-1000004248715562451424-tw.tk has address 23.98.144.97 fb-privacy-1000004248715562451417-tw.tk has address 23.98.144.97 fb-privacy-1000004248715562451423-tw.tk has address 23.98.144.97 fb-privacy-1000004248715562451422-tw.tk has address 23.98.144.97
AveMariaRAT botnet controller @23.101.140.170
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 23.101.140.170 on port 302 TCP: $ telnet 23.101.140.170 302 Trying 23.101.140.170… Connected to 23.101.140.170. Escape character… Читать далее AveMariaRAT botnet controller @23.101.140.170