The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 193.124.118.77 on port 80 (using HTTP POST): hXXp://sempersim.su/ge12/fre.php sempersim.su. 600 IN A 193.124.118.77 Referencing malware binaries (MD5 hash): 282597edf1d6759a52472a855ed9e14f — AV detection:… Читать далее Loki botnet controller @193.124.118.77
Рубрика: ruvds.com
Hosting phishing domains
213.178.155.116 ajaxtracker.com 2022-03-27 07:01:26 213.178.155.116 jqueryllc.net 2022-03-28 06:12:01 ______________________ Was: ajaxtracker.com. 600 IN A 209.209.114.121 jqueryllc.net. 600 IN A 209.209.114.121 ______________________ Was: ajaxtracker.com. 600 IN A 93.189.41.184 jqueryllc.net. 600 IN A 93.189.41.184 ______________________ Was: ajaxtracker.com. 600 IN A 194.87.110.112 jqueryllc.net. 600 IN A 194.87.110.112 ______________________ Was: ajaxtracker.com. 600 IN A 185.244.180.46 jqueryllc.net. 600 IN A… Читать далее Hosting phishing domains
Carding network DNS Host
ns1.silver-card.ru. 14400 IN A 45.132.19.4 buy-cc.net name server ns1.silver-card.ru. buy-live-cc-online.com name server ns1.silver-card.ru. buy-live-cc-online.su name server ns1.silver-card.ru. buybanklogins.com name server ns1.silver-card.ru. buybest.link name server ns1.silver-card.ru. buycvv.info name server ns1.silver-card.ru. buycvvdumps.com name server ns1.silver-card.ru. buypin.org name server ns1.silver-card.ru. c4rd3r.com name server ns1.silver-card.ru. candywendy69.net name server ns1.silver-card.ru. card-house.su name server ns1.silver-card.ru. carder00.com name server ns1.silver-card.ru. carder007.shop name… Читать далее Carding network DNS Host
Malware / Botnet / Phishing hosting server @85.208.208.74
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 85.208.208.74 443 TCP:… Читать далее Malware / Botnet / Phishing hosting server @85.208.208.74
Malware botnet controller @195.133.45.32
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 195.133.45.32 port 443: $ telnet 195.133.45.32 443 Trying 195.133.45.32… Connected to 195.133.45.32. Escape character is ‘^]’… Читать далее Malware botnet controller @195.133.45.32
Malware botnet controller @193.42.113.3
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 193.42.113.3 on port 443. $ telnet 193.42.113.3 443 Trying 193.42.113.3… Connected to 193.42.113.3. Escape character is ‘^]’ Malicious domains observed at this IP… Читать далее Malware botnet controller @193.42.113.3
Malware botnet controller @46.17.248.66
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 46.17.248.66 port 443: $ telnet 46.17.248.66 443 Trying 46.17.248.66… Connected to 46.17.248.66. Escape character is ‘^]’… Читать далее Malware botnet controller @46.17.248.66
Credit card fraud gang hosting (DNS): idinaxui-netspama.ru (vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
Stolen credit card data websites (DNS servers): ns1.idinaxui-netspama.ru. 7168 IN A 45.8.228.10 ns2.idinaxui-netspama.ru. 7159 IN A 2.57.187.26 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 2.57.187.21 ns2.idinaxui-netspama.ru. 7159 IN A 213.178.155.85 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 46.17.248.102 ns2.idinaxui-netspama.ru. 7159 IN A 94.103.88.31 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 87.251.79.154 ns2.idinaxui-netspama.ru. 7159 IN A 195.2.81.30 ___________________ Was:… Читать далее Credit card fraud gang hosting (DNS): idinaxui-netspama.ru (vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
Credit card fraud gang hosting (DNS): idinaxui-netspama.ru (vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
Stolen credit card data websites (DNS servers): ns1.idinaxui-netspama.ru. 7168 IN A 194.87.80.24 ns2.idinaxui-netspama.ru. 7159 IN A 2.57.187.26 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 185.244.182.153 ns2.idinaxui-netspama.ru. 7159 IN A 213.178.155.85 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 109.107.172.149 ns2.idinaxui-netspama.ru. 7159 IN A 213.178.155.85 ___________________ Was: ns1.idinaxui-netspama.ru. 7168 IN A 46.17.248.102 ns2.idinaxui-netspama.ru. 7159 IN A 94.103.88.31 ___________________ Was:… Читать далее Credit card fraud gang hosting (DNS): idinaxui-netspama.ru (vmad.su / amazingdumpsshop.ru / cvv-fullz-shop.ru etc.)
ArkeiStealer, Smoke botnet controller and malware distribution @45.10.244.53
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. The host at this IP address is running… Читать далее ArkeiStealer, Smoke botnet controller and malware distribution @45.10.244.53