The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 195.133.47.114 on port 38127 TCP:
$ telnet 195.133.47.114 38127
Trying 195.133.47.114…
Connected to 195.133.47.114.
Escape character…
Read more: RedLineStealer botnet controller @195.133.47.114
Category: ruvds.com
CryptBot botnet controller @194.87.253.215
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. CryptBot botnet controller located at 194.87.253.215 on port 80 (using HTTP POST):
hXXp://tisqls52.top/index.php
$ dig +short tisqls52.top
194.87.253.215
ArkeiStealer botnet controller @194.87.80.153
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. ArkeiStealer botnet controller located at 194.87.80.153 on port 80 (using HTTP GET):
hXXp://guseyn.space/ggate.php
$ dig +short guseyn.space
194.87.80.153
Referencing malware binaries (MD5 hash): 3709698dfdf7fa9c2f4a7b41ecad5e13 — AV detection:…
Botnet spammed phishing domains: Phishing Google users.
Spamvertised website
Received: from aecj.www39.zippyshare.com (20.87.50.124)
From: Ekstra Bitcoin<[]@reconditereunite.co.uk>
Subject: Hvordan Mads Mikkelsen investerer sine millioner
Date: Fri, 12 Nov 2021 18:1x:xx +0100
http://underwritecopyright.co.uk/[]
underwritecopyright.co.uk. 60 IN A 194.87.57.111
If you no longer wish to receive these emails please unsubscribe here Or wright to: 9901 Brodie Lane Ste 160 Austin, TX 78748
Spamvertised website
Received: from er0o.cazitex.be (40.86.186.112)
From: Slots Casino<[]@oneshoptattoo.com>
Subject: 500 € tervetuliaisbonuksen + 50 ilmaiskierrosta
Date: Wed, 03 Nov 2021 14:3x:xx +0100
http://oneshoptattoo.com/[]
oneshoptattoo.com. 35 IN A 45.143.95.124
spam source
Spam source.
=======================================================================
Received: from songlyrics.com (unknown [85.208.208.107]) by x (Postfix) with ESMTP id x for <x>; Mon, 25 Oct 2021 xx:xx:xx +0200 (CEST)
From: B i t c o i n <contact@grahamrfarren.com>
Subject: B i t c o i n👑 success, easier than the stock market
To: x
Content-Type: text/html
Content-Transfer-Encoding: amazonses.com
Date: Mon,…
spam emitter @176.119.157.156
Received: from fxpro.com (176.119.157.156)
Date: Fri, 22 Oct 2021 02:1x:xx +0000
From: Betaling N.[]mBTC <>
Subject: FWD: Your account contains a large amount of revenue
Malware / Botnet / Phishing hosting server @194.87.210.83
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 194.87.210.83 on port…
Malware / Botnet / Phishing hosting server @194.32.248.86
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 194.32.248.86 on port…