Рубрика: digitalocean.com

Mirai botnet controller hosted here: $ telnet 207.154.205.223 25565 Trying 207.154.205.223… Connected to 207.154.205.223. Escape character is ‘^]’.

Received: from [167.71.209.143] (helo=mta0.usdrecycling.com) From: [] <qi@gzfoison.com> Subject: [] 帐户验证 Date: 28 Dec 2021 05:0x:xx +0000 https://priceless-hypatia.137-184-60-175.plesk.page/ucc/china-mail/?email=[] priceless-hypatia.137-184-60-175.plesk.page. 3600 IN A 137.184.60.175

137.184.87.58|mobile-navyfederal.com|2021-12-28 06:21:05

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. RaccoonStealer botnet controller located at 178.62.127.193 on port 80 (using HTTP GET): hXXp://178.62.127.193/charlyl12te Referencing malware binaries (MD5 hash): 12f02c15330bf864d6570c860fdd3cf5 — AV detection: 24 / 69 (34.78) 520a1cd11757b344b379af15f429cfa0… Читать далее RaccoonStealer botnet controller @178.62.127.193

137.184.107.143|contactinformation-citi.net|2021-12-26 21:50:56 137.184.107.143|wellsfargo1support.com|2021-12-26 21:51:05

69.55.59.210|citi-secure09.com|2021-12-25 01:10:50 69.55.59.210|secure-authciti.com|2021-12-25 18:00:55 69.55.59.210|secure-authwells.com|2021-12-25 19:55:50 69.55.59.210|securebankofamerica93.com|2021-12-25 03:26:28

This IP address is sending spam for OMICS (aka Remedy Putlications, aka Austin Publishing, and others) advertising its «open-access» journals. The spam is sent to scraped, purchased, or appended lists. DigitalOcean: OMICS appears to be running riot in your VPS ranges. Please find out the account name(s), connecting IPs, and other identifying information used by… Читать далее Spam Emitter (aomedtextmailjn.com) (OMICS)

This IP address is sending spam for OMICS (aka Remedy Putlications, aka Austin Publishing, and others) advertising its «open-access» journals. The spam is sent to scraped, purchased, or appended lists. OMICS claims that these journals are peer-reviewed, but they are of dubious reputation. DigitalOcean: OMICS appears to be running riot in your VPS ranges. Please… Читать далее Spam Emitter (ciomailjn.com) (OMICS)

This IP address is sending spam for OMICS (aka Remedy Publishing, aka Austin Publishing, and others) advertising its «open-access» journals. The spam is sent to scraped, purchased, or appended lists. OMICS claims that these journals are peer-reviewed, but they are of dubious reputation. DigitalOcean: OMICS appears to be running riot in your VPS ranges. Please… Читать далее Spam Emitter (clinofsurgyoa.com) (OMICS)

Received: from [159.223.149.85] (helo=mta0.wincyc.com) From: [] <zzve@ho.net> Subject: 所需的行动 [] Date: 24 Dec 2021 05:0x:xx +0000 https://priceless-hypatia.137-184-60-175.plesk.page/ucc/china-mail/?email=[] priceless-hypatia.137-184-60-175.plesk.page. 3600 IN A 137.184.60.175