The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 109.234.156.178 on port 5655 TCP: $ telnet 109.234.156.178 5655 Trying 109.234.156.178… Connected to 109.234.156.178. Escape character…
Category: selectel.ru
RemoteManipulator botnet controller @185.175.44.167
===== Rolled forward as ongoing from SBL SBL500795, created 2020-11-04. ==== The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.175.44.167 on port 5655 TCP:…
Malware / Botnet / Phishing hosting server @5.8.76.205
According to our telemetry and our own intelligence, the host at this IP address has been set up by cyber criminals for the exclusive purpose of hosting phishing sites, malware distribution sites and/or botnet controllers. We therefore advise our users to block any traffic from/to this IP address. Malware distribution @5.8.76.205: hXXp://eguntong.com/pub33.exe Malware botnet controller located…
spam emitters
Received: from s2.megojom.ru (megojom.ru [46.148.239.18]) Date: Wed, 3 Nov 2021 13:2x:xx +0000 From: Aleksandr <info@s2.megojom.ru> Subject: Предложение
spam emitters
Received: from megojom.ru (megojom.ru [82.202.242.170]) Date: Tue, 2 Nov 2021 17:1x:xx +0000 From: Aleksandr <info@megojom.ru> Subject: Предложение
spam emitters
Received: from s9.megojom.ru (megojom.ru [5.188.139.35]) Date: Tue, 2 Nov 2021 07:0x:xx +0000 From: Aleksandr <info@s9.megojom.ru> Subject: Offer (Предложение)
Malware distribution @78.155.222.151
The host at this IP address is currently being used to distribute malware. Malware distribution located here: hXXp://thisonecantbebanned.top/moons/top.exe $ dig +short thisonecantbebanned.top 78.155.222.151 Referencing malware binaries (MD5 hash): 10461cee6c477e426c45d9ea4723d93e — AV detection: 32 / 65 (49.23) 14a834ed1b4a0fcddce3ab973699960c — AV detection: 36 / 67 (53.73) 17464a721875e06437c0a7da619f1ba2 — AV detection: 18 / 63 (28.57) 1821f381f526f551b747fa3213ea9257 — AV…
RedLineStealer botnet controller @188.124.37.219
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 188.124.37.219 on port 26360 TCP: $ telnet 188.124.37.219 26360 Trying 188.124.37.219… Connected to 188.124.37.219. Escape character…
Malware botnet controller @5.8.76.202
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 5.8.76.202 on port 443 TCP: $ telnet 5.8.76.202 443 Trying 5.8.76.202… Connected to 5.8.76.202. Escape character…
spam emitters
Received: from s7.megojom.ru (megojom.ru [79.141.68.234]) Date: Sun, 31 Oct 2021 23:2x:xx +0000 From: Alex <info@s7.megojom.ru> Subject: Ответьте на предложение (Respond to the offer)