DCRat botnet controller @159.203.126.35

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 159.203.126.35 on port 22339 TCP:

$ telnet 159.203.126.35 22339
Trying 159.203.126.35…
Connected to 159.203.126.35.
Escape character…

Spamvertised website

2022-02-10 s100viewpoints.com. 60 IN A 159.223.52.198

Received: from DB6PR0301CA0048.eurprd03.prod.outlook.com (2603:10a6:4:54::16)
Date: Thu, 03 Feb 2022 02:5x:xx +0000
From: Top Alternative Investment <[]@[].s100viewpoints.com>
Subject: 𝗧𝗵𝗲 𝗴𝗿𝗲𝗮𝘁𝗲𝘀𝘁 𝗺𝗼𝗻𝗲𝘆 𝗿𝗲𝘃𝗼𝗹𝘂𝘁𝗶𝗼𝗻 𝗼𝗳 𝗮𝗹𝗹 𝘁𝗶𝗺𝗲

http://s100viewpoints.com/[] 159.223.48.46
https://volarealora.com/[] 193.124.15.64
https://www.nmxkj4trk.com/[]/?sub1=351076&sub2=[] 34.120.5.10

Loki botnet controller @143.244.186.254

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Loki botnet controller located at 143.244.186.254 on port 80 (using HTTP POST):
hXXp://mail.asadorostiz.cf/sheng/logs/fre.php

$ dig +short mail.asadorostiz.cf
143.244.186.254

$ nslookup 143.244.186.254
mail.asadorostiz.cf

Referencing malware binaries (MD5 hash):…

Phishing server

137.184.39.50|support-citi-b8.com|2022-02-09 21:42:15
137.184.39.50|support-citi-e5.com|2022-02-10 02:16:26
137.184.39.50|support-citi-r6.com|2022-02-10 04:26:08

Malware / Botnet / Phishing hosting server @137.184.111.165

According to our telemetry and our own intelligence, the host at this IP address has been set up by cybercriminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address.

Malware botnet controller located at 137.184.111.165 port 443…

Malware botnet controller @167.99.236.104

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 167.99.236.104 on port 443:

$ telnet 167.99.236.104 443
Trying 167.99.236.104…
Connected to 167.99.236.104.
Escape character is…

Malware botnet controller @167.99.224.180

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 167.99.224.180 on port 443:

$ telnet 167.99.224.180 443
Trying 167.99.224.180…
Connected to 167.99.224.180.
Escape character is…

Phishing server

With fake Cloudflare error page:

143.244.191.19|tmobile-fraudprevent.com|2022-02-07 17:13:16
143.244.191.19|tmobile-secureverify.com|2022-02-07 17:13:25

Phishing server


RaccoonStealer botnet controller @159.223.25.220

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RaccoonStealer botnet controller located at 159.223.25.220 on port 80 (using HTTP POST):
hXXp://159.223.25.220/

Referencing malware binaries (MD5 hash):
20c7b0a3a8a030f8eba31a4a3dc52cd5 — AV detection: 55 / 69 (79.71)
344c34de03ae7b7d62a843cb37dacfd8…