The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 176.119.158.193 on port 443: $ telnet 176.119.158.193 443 Trying 176.119.158.193… Connected to 176.119.158.193. Escape character is… Читать далее Malware distribution & botnet controller @176.119.158.193
Рубрика: ruvds.com
Smoke botnet controller and malware distribution @194.87.253.188
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Smoke Loader botnet controller located at 194.87.253.188 on port 80 (using HTTP POST): hXXp://file-coin-host-12.com/ file-coin-host-12.com. 600 IN A 194.87.253.188 Referencing malware binaries (MD5 hash): 709cdc8f1ffceb73206dec78221d895e — AV… Читать далее Smoke botnet controller and malware distribution @194.87.253.188
ArkeiStealer botnet controller @45.11.26.87
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. ArkeiStealer botnet controller located at 45.11.26.87 on port 80 (using HTTP POST): hXXp://googa.link/gate1.php $ dig +short googa.link 45.11.26.87 Referencing malware binaries (MD5 hash): 0400f006fffda43a68b396a089d4cfd1 — AV detection:… Читать далее ArkeiStealer botnet controller @45.11.26.87
Malware botnet controller @194.169.163.229
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.169.163.229 on port 443: $ date && curl -ILk https://194.169.163.229/ Fri Feb 11 22:44:50 UTC 2022… Читать далее Malware botnet controller @194.169.163.229
Malware botnet controller @45.10.244.12
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 45.10.244.12 on port 443: $ telnet 45.10.244.12 443 Trying 45.10.244.12… Connected to 45.10.244.12. Escape character is… Читать далее Malware botnet controller @45.10.244.12
Malware / Botnet / Phishing hosting server @45.10.244.129
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 45.10.244.129 port 443… Читать далее Malware / Botnet / Phishing hosting server @45.10.244.129
Smoke botnet controller and malware distribution @193.124.118.116
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Smoke Loader botnet controller located at 193.124.118.116 on port 80 (using HTTP POST): hXXp://file-coin-host-12.com/ file-coin-host-12.com. 600 IN A 193.124.118.116 Referencing malware binaries (MD5 hash): 709cdc8f1ffceb73206dec78221d895e — AV… Читать далее Smoke botnet controller and malware distribution @193.124.118.116
Cybercrime sites
marketo.best. 600 IN A 195.43.142.213 marketo.cash. 600 IN A 195.43.142.213 marketo.city. 600 IN A 195.43.142.213 _______________________________ Was: 193.178.172.74 marketo.best 2022-02-07 22:07:06 193.178.172.74 marketo.cash 2022-02-07 22:06:31 193.178.172.74 marketo.city 2022-02-07 22:07:04 193.178.172.74 marketo.cloud 2022-02-08 04:06:24 _______________________________ Was: kraten.info. 600 IN A 185.212.148.175 185.212.148.175 marketo.best 2022-01-31 15:31:59 185.212.148.175 marketo.cash 2022-01-31 15:12:25 185.212.148.175 marketo.center 2022-02-01 16:22:03 185.212.148.175 marketo.city 2022-01-31… Читать далее Cybercrime sites
Malware botnet controller @45.8.228.16
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 45.8.228.16 on port 443: $ telnet 45.8.228.16 443 Trying 45.8.228.16… Connected to 45.8.228.16. Escape character is… Читать далее Malware botnet controller @45.8.228.16
Carding fraud site/forum: infodig.is (InfoDIG.sx InfoDIG.ch InfoDIG.domains infodig.mn)
Stolen credit card data websites: https://ascarding.com/ >>> https://infodig.is/ infodig.ch. 600 IN A 45.132.18.84 infodig.domains. 600 IN A 45.132.18.84 infodig.sx. 600 IN A 45.132.18.84 ________________ Was: infodig.ch. 600 IN A 91.224.22.37 infodig.domains. 600 IN A 91.224.22.37 infodig.sx. 600 IN A 91.224.22.37 ________________ Was: infodig.ch. 600 IN A 94.142.143.16 infodig.domains. 600 IN A 94.142.143.16 infodig.sx. 600 IN… Читать далее Carding fraud site/forum: infodig.is (InfoDIG.sx InfoDIG.ch InfoDIG.domains infodig.mn)