Malware / Botnet / Phishing hosting server @45.10.247.88
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 45.10.247.88 port 443…
Category: ruvds.com
Cybercrime sites
Smoke Loader botnet controller @45.132.17.131
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Smoke Loader botnet controller located at 45.132.17.131 on port 80 (using HTTP POST):
hXXp://afrocalite.ga/
afrocalite.ga. 600 IN A 45.132.17.131
Referencing malware binaries (MD5 hash):
3d75271eb12cedd6440f8ed22724840c — AV…
Malware botnet controller @194.87.253.110
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller at 194.87.253.110 on port 443:
$ telnet 194.87.253.110 443
Trying 194.87.253.110…
Connected to 194.87.253.110.
Escape character is ‘^]’
Malicious domains observed at this IP…
ArkeiStealer botnet controller @195.133.45.103
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
ArkeiStealer botnet controller located at 195.133.45.103 on port 80 (using HTTP POST):
hXXp://ginta.link/51874.php
ginta.link. 600 IN A 195.133.45.103
Referencing malware binaries (MD5 hash):
7fa2addd324521e120f07e6fd1f6d190 — AV detection:…
Malware distribution & botnet controller @46.17.248.27
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 46.17.248.27 on port 443:
$ telnet 46.17.248.27 443
Trying 46.17.248.27…
Connected to 46.17.248.27.
Escape character is…
phishing server
194.87.57.57|boi-alerts-ie.com|2022-03-02 11:34:38
Malware botnet controller @45.132.17.10
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller at 45.132.17.10 on port 443:
$ telnet 45.132.17.10 443
Trying 45.132.17.10…
Connected to 45.132.17.10.
Escape character is ‘^]’
Malicious domains observed at this IP…
Malware botnet controller @176.113.83.96
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 176.113.83.96 on port 443:
$ telnet 176.113.83.96 443
Trying 176.113.83.96…
Connected to 176.113.83.96.
Escape character is…
Botnet spammed phishing domains: Phishing Google users.