The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 51.104.51.161 on port 2021 TCP: $ telnet 51.104.51.161 2021 Trying 51.104.51.161… Connected to 51.104.51.161. Escape character… Читать далее NanoCore botnet controllers @51.104.51.161
Рубрика: microsoft.com
Abused / misconfigured newsletter service (listbombing)
The host at this IP address is being (ab)used to «listbomb» email addresses: From: info@schulman.nl Subject: Slechts één dag te gaan — Only one day to go Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and… Читать далее Abused / misconfigured newsletter service (listbombing)
Malware botnet controller @13.66.29.191
Malware botnet controller hosted here: http://13.66.29.191/paodequeijo/HGFGHGFH.php
Bandook botnet controller @40.124.50.181
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 40.124.50.181 on port 3214 TCP: $ telnet 40.124.50.181 3214 Trying 40.124.50.181… Connected to 40.124.50.181. Escape character… Читать далее Bandook botnet controller @40.124.50.181
njrat botnet controller @104.211.53.32
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 104.211.53.32 on port 5150 TCP: $ telnet 104.211.53.32 5150 Trying 104.211.53.32… Connected to 104.211.53.32. Escape character… Читать далее njrat botnet controller @104.211.53.32
Cybergate botnet controller @104.41.13.0
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 104.41.13.0 on port 1996 TCP: $ telnet 104.41.13.0 1996 Trying 104.41.13.0… Connected to 104.41.13.0. Escape character… Читать далее Cybergate botnet controller @104.41.13.0
Spamming to non-COI email addresses: skreened.com / convertkit-mail2.com
Listbombing sign-up? Received: from vdds-55.westus.cloudapp.azure.com (HELO n4xi.skreened.com) (40.118.251.18) by xx; Thu, 04 Mar 2021 16:29:30 +0000 Received: from mx04.secrz.com (mx04.secrz.com [89.202.107.198]) by mx.kpnmail.nl (Halon) with ESMTPS id xx; Thu, 04 Mar 2021 10:22:27 +0100 (CET) From: «NOS B|tco|n» <shop@lidl-shop.nl> Date: Thu, 04 Mar 2021 17:22:49 +0100 Subject: Je kans is aangebroken! Message-Id: <xx@lidl-shop.nl> To: xx… Читать далее Spamming to non-COI email addresses: skreened.com / convertkit-mail2.com
Abused / misconfigured newsletter service (listbombing)
The host at this IP address is being (ab)used to «listbomb» email addresses: From: g.bunschotenboon@telfort.nl Subject: .Je kans is aangebroken! Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================ In… Читать далее Abused / misconfigured newsletter service (listbombing)
AveMariaRAT botnet controller @137.116.87.64
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 137.116.87.64 on port 8400 TCP: $ telnet 137.116.87.64 8400 Trying 137.116.87.64… Connected to 137.116.87.64. Escape character… Читать далее AveMariaRAT botnet controller @137.116.87.64
Abused / misconfigured newsletter service (listbombing)
The host at this IP address is being (ab)used to «listbomb» email addresses: From: sdgfdgcv@outlook.com Subject: Do You Need A Loan? We Offer 3.5% Interest Rate. Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk… Читать далее Abused / misconfigured newsletter service (listbombing)