The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 172.67.209.118 on port 80 (using HTTP POST): hXXp://gridnetworks.xyz/five/fre.php $ dig +short gridnetworks.xyz 172.67.209.118 Referencing malware binaries (MD5 hash): 1d03eee90db5e3881e7111490bd0d76d — AV detection:… Читать далее Loki botnet controller @172.67.209.118
Рубрика: cloudflare.com
Loki botnet controller @104.21.92.21
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.92.21 on port 80 (using HTTP POST): hXXp://bobbyelectronics.xyz/five/fre.php $ dig +short bobbyelectronics.xyz 104.21.92.21 Referencing malware binaries (MD5 hash): 03c4801d0dc21f4d6f0ba7df857844f9 — AV detection:… Читать далее Loki botnet controller @104.21.92.21
Loki botnet controller @104.21.62.32
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 104.21.62.32 on port 80 (using HTTP POST): hXXp://74f26d34ffff049368a6cff8812f86ee.gq/BN111/fre.php $ dig +short 74f26d34ffff049368a6cff8812f86ee.gq 104.21.62.32 Referencing malware binaries (MD5 hash): 5d671adb11b9ba100b3be4ca7c45880f — AV detection:… Читать далее Loki botnet controller @104.21.62.32
RacoonStealer botnet controller @104.21.67.139
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. RacoonStealer botnet controller located at 104.21.67.139 on port 80 (using HTTP GET): hXXp://telegalive.top/agrybirdsgamerept $ dig +short telegalive.top 104.21.67.139 Referencing malware binaries (MD5 hash): 0f501c684fc4bb8e1b28d00b83f24232 — AV detection:… Читать далее RacoonStealer botnet controller @104.21.67.139
OskiStealer botnet controller @104.21.36.85
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. OskiStealer botnet controller located at 104.21.36.85 on port 80 (using HTTP POST): hXXp://gervenez.xyz/6.jpg $ dig +short gervenez.xyz 104.21.36.85 Other malicious domain names hosted on this IP address:… Читать далее OskiStealer botnet controller @104.21.36.85
Phishing payload against the Finnish government authentication site
$ host suomi-site.cloud suomi-site.cloud has address 172.67.217.151 suomi-site.cloud has address 104.21.59.66 suomi-site.cloud has IPv6 address 2606:4700:3032::6815:3b42 suomi-site.cloud has IPv6 address 2606:4700:3033::ac43:d997
Phishing payload against the Finnish government authentication site
$ host suomi-site.cloud suomi-site.cloud has address 172.67.217.151 suomi-site.cloud has address 104.21.59.66 suomi-site.cloud has IPv6 address 2606:4700:3032::6815:3b42 suomi-site.cloud has IPv6 address 2606:4700:3033::ac43:d997
RaccoonStealer botnet controller @172.67.157.163
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. RaccoonStealer botnet controller located at 172.67.157.163 on port 80 (using HTTP GET): hXXp://ttmirror.top/agrybirdsgamerept $ dig +short ttmirror.top 172.67.157.163 Referencing malware binaries (MD5 hash): 0211971320aa3e95c0a3cbe2b8b78bd4 — AV detection:… Читать далее RaccoonStealer botnet controller @172.67.157.163
RaccoonStealer botnet controller @104.21.68.139
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. RaccoonStealer botnet controller located at 104.21.68.139 on port 80 (using HTTP GET): hXXp://teletele.top/jdiamond13 $ dig +short teletele.top 104.21.68.139 Referencing malware binaries (MD5 hash): 3812d9bb5e5095c90111774e35ea661e — AV detection:… Читать далее RaccoonStealer botnet controller @104.21.68.139
RaccoonStealer botnet controller @104.21.8.181
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. RaccoonStealer botnet controller located at 104.21.8.181 on port 80 (using HTTP GET): hXXp://ttmirror.top/jdiamond13 $ dig +short ttmirror.top 104.21.8.181 Referencing malware binaries (MD5 hash): 0084fcf83e2875ea3da9af69855c5ed2 — AV detection:… Читать далее RaccoonStealer botnet controller @104.21.8.181