Malware botnet controllers @45.8.124.17

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 45.8.124.17 on port 443: $ telnet 45.8.124.17 443 Trying 45.8.124.17… Connected to 45.8.124.17. Escape character is… Читать далее Malware botnet controllers @45.8.124.17

Опубликовано
В рубрике selectel.ru

spam emitters

Received: from s8.megojom.ru (megojom.ru [77.244.216.133]) Date: Tue, 30 Nov 2021 04:0x:xx +0000 From: Aleksandr <info@s8.megojom.ru> Subject: Предложение 77.244.216.130 tefalongo.ru 77.244.216.131 eseneno.ru 77.244.216.132 derwerer.ru 77.244.216.133 megojom.ru 77.244.216.134 welbryh.ru

Опубликовано
В рубрике selectel.ru

Malicious redirectors.

Was SBL537335 47.254.173.194/32 Was SBL537237 47.74.89.251/32 Was SBL537181 47.251.40.77/32 188.246.235.218 transit-uk.com 188.246.235.218 nhs.auth-covid-pass.com hermes.online-postage-delivery.com has address 188.246.235.218 online-postage-delivery.com has address 188.246.235.218 dpd-parcel-reschedule.com has address 45.130.41.12 ————————————— Nothing legitimate is hosted here. auth-covid-pass.com has address 47.254.173.194 nhs.auth-covid-pass.com has address 47.254.173.194 delayed-gb.com has address 47.254.173.194 hermes.online-postage-delivery.com has address 47.254.173.194 online-postage-delivery.com has address 47.254.173.194 dpd-parcel-reschedule.com has address 45.130.41.12… Читать далее Malicious redirectors.

Опубликовано
В рубрике selectel.ru

Botnet hosting (escalation)

Due to massive and repeated botnet hosting, as well as the fact that hostway provides bulletproof hosting to botnet operators by ignoring abuse reports sent by Spamhaus and 3rd parties, we consider their network as harmful and risky for our users. As a result, we advise our users to not accept network traffic from hostway.ru’s… Читать далее Botnet hosting (escalation)

Опубликовано
В рубрике selectel.ru

RemoteManipulator botnet controller @77.223.124.210

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 77.223.124.210 on port 5655 TCP: $ telnet 77.223.124.210 5655 Trying 77.223.124.210… Connected to 77.223.124.210. Escape character… Читать далее RemoteManipulator botnet controller @77.223.124.210

Опубликовано
В рубрике selectel.ru

Malware botnet controllers @95.213.165.229

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Smoke Loader botnet controller located at 212.193.50.94 on port 80 (using HTTP POST): hXXp://xacokuo80.top/ xacokuo80.top. 600 IN A 95.213.165.229 The host at this IP address is currently… Читать далее Malware botnet controllers @95.213.165.229

Опубликовано
В рубрике selectel.ru

Malware botnet controller @194.87.1.69

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.1.69 on port 443: $ telnet 194.87.1.69 443 Trying 194.87.1.69… Connected to 194.87.1.69. Escape character is… Читать далее Malware botnet controller @194.87.1.69

Опубликовано
В рубрике selectel.ru

spam emitters

Received: from s2.megojom.ru (megojom.ru [95.213.249.189]) Date: Fri, 26 Nov 2021 09:3x:xx +0000 From: Aleksandr <info@s2.megojom.ru> Subject: Предложение 95.213.249.186 tefalongo.ru 95.213.249.187 eseneno.ru 95.213.249.188 derwerer.ru 95.213.249.189 megojom.ru 95.213.249.190 welbryh.ru

Опубликовано
В рубрике selectel.ru

Loki botnet controller @95.213.216.149

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 95.213.216.149 on port 80 (using HTTP POST): hXXp://secure01-redirect.net/fx/fre.php $ dig +short secure01-redirect.net 95.213.216.149 $ nslookup 95.213.216.149 cr10.xyz

Опубликовано
В рубрике selectel.ru