The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 176.9.148.153 on port 443. $ telnet 176.9.148.153 443 Trying 176.9.148.153… Connected to 176.9.148.153. Escape character is ‘^]’ Malicious domains observed at this IP… Читать далее Malware botnet controller @176.9.148.153
Рубрика: hetzner.de
ArkeiStealer botnet controller @116.202.1.195
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. ArkeiStealer botnet controller located at 116.202.1.195 on port 80 (using HTTP GET): hXXp://116.202.1.195/ $ nslookup 116.202.1.195 static.195.1.202.116.clients.your-server.de Referencing malware binaries (MD5 hash): ad1b502b6714c0a374b055332018974b — AV detection: 26… Читать далее ArkeiStealer botnet controller @116.202.1.195
RustyStealer botnet controller @95.217.123.28
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. RustyStealer botnet controller located at 95.217.123.28 on port 80 (using HTTP POST): hXXp://mythic.fckinpwned.cn/data $ dig +short mythic.fckinpwned.cn 95.217.123.28 $ nslookup 95.217.123.28 static.28.123.217.95.clients.your-server.de Referencing malware binaries (MD5 hash):… Читать далее RustyStealer botnet controller @95.217.123.28
ArkeiStealer botnet controller @159.69.101.49
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. ArkeiStealer botnet controller located at 159.69.101.49 on port 80 (using HTTP POST): hXXp://159.69.101.49/ $ nslookup 159.69.101.49 static.49.101.69.159.clients.your-server.de Referencing malware binaries (MD5 hash): 67fe8a8dca32f7c9326e3ddf75e0eb9e — AV detection: 27… Читать далее ArkeiStealer botnet controller @159.69.101.49
Abused crypto currency mining pool
The host at this IP address is running a crypto currency mining pool that is currently being abused by cybercriminals for mining crypto currencies on malware infected computers. The following information should be sufficient for the identification and suspension of the abusive users: {«id»:1,»jsonrpc»:»2.0″,»method»:»login»,»params»:{«login»:»45XQiu9A9vmVd5Cy6X35M12NocUr2Hx69X4ZNNu2BsKJYkdksefg2gXJyvBUeEJyDWTfLD6GWmAu4Tab1w4tycfcFMqy8yH.x»,»pass»:»x»,»agent»:»XMRig/6.16.4 (Windows NT 10.0; Win64; x64) libuv/1.42.0 msvc/2019″,»algo»:[«cn/1″,»cn/2″,»cn/r»,»cn/fast»,»cn/half»,»cn/xao»,»cn/rto»,»cn/rwz»,»cn/zls»,»cn/double»,»cn/ccx»,»cn-lite/1″,»cn-heavy/0″,»cn-heavy/tube»,»cn-heavy/xhv»,»cn-pico»,»cn-pico/tlo»,»cn/upx2″,»rx/0″,»rx/wow»,»rx/arq»,»rx/graft»,»rx/sfx»,»rx/keva»,»argon2/chukwa»,»argon2/chukwav2″,»argon2/ninja»,»astrobwt»,»ghostrider»]}}
ArkeiStealer botnet controller @95.217.244.41
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. ArkeiStealer botnet controller located at 95.217.244.41 on port 80 (using HTTP GET): hXXp://95.217.244.41/ $ nslookup 95.217.244.41 static.41.244.217.95.clients.your-server.de Referencing malware binaries (MD5 hash): 2683b53d541f766e9609ebb105b3aec5 — AV detection: 28… Читать далее ArkeiStealer botnet controller @95.217.244.41
DCRat botnet controller @176.9.31.109
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 176.9.31.109 on port 3674 TCP: $ telnet 176.9.31.109 3674 Trying 176.9.31.109… Connected to 176.9.31.109. Escape character… Читать далее DCRat botnet controller @176.9.31.109
AsyncRAT botnet controller @49.12.0.239
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 49.12.0.239 on port 3760 TCP: $ telnet 49.12.0.239 3760 Trying 49.12.0.239… Connected to 49.12.0.239. Escape character… Читать далее AsyncRAT botnet controller @49.12.0.239
Botnet infrastucture @188.127.235.177
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 157.90.114.133 on port 443: $ telnet 188.127.235.177 443 Trying 188.127.235.177… Connected to 188.127.235.177. Escape character is ‘^]’ Related malicious domains observed at… Читать далее Botnet infrastucture @188.127.235.177
Malware botnet controller @78.47.1.204
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 78.47.1.204 on port 443. $ telnet 78.47.1.204 443 Trying 78.47.1.204… Connected to 78.47.1.204. Escape character is ‘^]’ Malicious domains observed at this IP… Читать далее Malware botnet controller @78.47.1.204