The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 95.143.178.139 on port 9006 TCP: $ telnet 95.143.178.139 9006 Trying 95.143.178.139… Connected to 95.143.178.139. Escape character… Читать далее RedLineStealer botnet controller @95.143.178.139
Рубрика: selectel.ru
Malware distribution @194.87.185.80
The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://petknorra.com/index.php petknorra.com. 600 IN A 194.87.185.80
Malware botnet controller @194.87.185.7
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.185.7 on port 443: $ telnet 194.87.185.7 443 Trying 194.87.185.7… Connected to 194.87.185.7. Escape character is… Читать далее Malware botnet controller @194.87.185.7
spam emitters
Received: from s6.sergonet.ru (sergonet.ru [109.71.13.6]) Date: Fri, 24 Dec 2021 17:0x:xx +0000 From: Aleksandr <info@s6.sergonet.ru> Subject: Предложение 109.71.13.2 eseneno.ru 109.71.13.3 derwerer.ru 109.71.13.4 welbryh.ru 109.71.13.5 twentow.ru 109.71.13.6 sergonet.ru
Spamvertised bitcoin scam.
Was SBL539142 — 31.28.27.55/32 194.87.185.48 herocryptos.cn 194.87.185.48 nicenecei.herocryptos.cn Was SBL539130 — 109.107.184.17/32 herocrytpos.cn has address 31.28.27.55 Was SBL538705 — 92.38.188.183 109.107.184.17 herocryptos.cn 109.107.184.17 nicenecei.herocryptos.cn Was SBL538448 — 5.188.88.24 92.38.188.183 herocryptos.cn 92.38.188.183 nicenecei.herocryptos.cn ————————- 5.188.88.24 nicenecei.herocryptos.cn 5.188.88.24 herocryptos.cn Usually spamvertised using hacked WP sites.
Malware botnet controllers @1194.87.1.88
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.1.88 on port 443: $ telnet 194.87.1.88 443 Trying 194.87.1.88… Connected to 194.87.1.88. Escape character is… Читать далее Malware botnet controllers @1194.87.1.88
Malware / Botnet / Phishing hosting server @194.87.185.14
According to our telemetry and our own intelligence, the host at this IP address has been setup by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware botnet controller located at 194.87.185.14 port 443… Читать далее Malware / Botnet / Phishing hosting server @194.87.185.14
Malware botnet controller @194.87.185.2
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 194.87.185.2 on port 443: $ telnet 194.87.185.2 443 Trying 194.87.185.2… Connected to 194.87.185.2. Escape character is… Читать далее Malware botnet controller @194.87.185.2
Carding fraud site/forums: fe-acc18.ru
Stolen credit card data sites: https://procrd.biz/ >>> https://i.imgur.com/dnhfzOq.gif >>> https://www.fe-acc18.ru/ 94.26.250.66 fe-acc18.ru 2021-12-17 20:34:25 ________________ Was: 213.52.129.206 fe-acc18.ru 2021-12-17 01:23:41 ________________ Was: 185.236.231.138 fe-acc18.ru 2021-12-15 15:38:08 ________________ Was: 159.203.41.229 fe-acc18.ru 2021-12-13 03:21:12 ________________ Was: 216.73.159.30 fe-acc18.ru 2021-12-11 00:05:42 ________________ Was: 45.9.20.217 fe-acc18.ru 2021-12-09 23:33:45 216.73.159.30 fe-acc18.ru 2021-12-11 00:05:42 ________________ Was: 91.241.19.78 fe-acc18.ru 2021-12-09 01:40:53 ________________… Читать далее Carding fraud site/forums: fe-acc18.ru
Phishing sites
80.249.148.176 lloyds-online-i87349019.com 2021-12-14 01:26:02 80.249.148.176 lloyds-online-jk8899445.com 2021-12-14 01:26:02 80.249.148.176 lloyds-online-uk991002.com 2021-12-14 01:46:09 ____________________ Was: 47.251.44.200 accesdmobilecanada64441.com 2021-12-13 01:10:36 47.251.44.200 accesdmobilecanada73454.com 2021-12-13 02:20:42 47.251.44.200 accesdmobilecanada83731.com 2021-12-12 14:40:44 47.251.44.200 accxomptebncdesac.com 2021-12-12 21:30:34 47.251.44.200 accxomptedesactiv01.com 2021-12-12 21:30:43 47.251.44.200 accxomptedesactiv01.online 2021-12-12 01:32:09 47.251.44.200 bncservices1support57327.com 2021-12-12 19:40:57 47.251.44.200 lloyds-online-jk8899445.com 2021-12-13 05:50:51 47.251.44.200 lloyds-online-uk991002.com 2021-12-13 02:36:16 47.251.44.200 mobilecanadasecured73631.com 2021-12-12 02:16:12 47.251.44.200… Читать далее Phishing sites