The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 77.223.99.210 port 443: $ telnet 77.223.99.210 443 Trying 77.223.99.210… Connected to 77.223.99.210. Escape character is ‘^]’… Читать далее Malware botnet controller @77.223.99.210[second listing]
Рубрика: selectel.ru
Spamvertised website
2022-03-21 gotogml.com. 60 IN A 45.8.124.239 2022-03-09 gotogml.com. 60 IN A 45.8.124.230 2022-03-01 gotogml.com. 60 IN A 45.8.127.154 2022-03-01 gotogml.com. 60 IN A 45.8.127.155 2022-02-24 gotogml.com. 60 IN A 147.182.245.65 2022-02-24 gotogml.com. 60 IN A 213.166.70.250 2022-02-24 gotogml.com. 60 IN A 213.166.70.175 2022-02-23 gotogml.com. 60 IN A 37.140.197.206 2022-02-20 gotogml.com. 60 IN A 45.8.127.154 2022-02-01… Читать далее Spamvertised website
RedLineStealer botnet controller @185.11.73.22
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 185.11.73.22 on port 45202 TCP: $ telnet 185.11.73.22 45202 Trying 185.11.73.22… Connected to 185.11.73.22. Escape character… Читать далее RedLineStealer botnet controller @185.11.73.22
Cybercrime site/forum: infodig.ch / infodig.domains / infodig.sx
Stolen credit card data websites: https://ascarding.com/ >>> https://infodig.is/ infodig.ch. 600 IN A 45.8.127.6 infodig.domains. 600 IN A 45.8.127.6 infodig.sx. 600 IN A 45.8.127.6 ________________ Was: infodig.ch. 600 IN A 45.141.101.93 infodig.domains. 600 IN A 45.141.101.93 infodig.sx. 600 IN A 45.141.101.93 ________________ Was: infodig.ch. 600 IN A 185.188.183.32 infodig.domains. 600 IN A 185.188.183.32 infodig.sx. 600 IN… Читать далее Cybercrime site/forum: infodig.ch / infodig.domains / infodig.sx
Malware botnet controller @45.8.124.67
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller at 45.8.124.678 on port 443: $ telnet 45.8.124.678 443 Trying 45.8.124.678… Connected to 45.8.124.678. Escape character is ‘^]’ Malicious domains observed at this IP… Читать далее Malware botnet controller @45.8.124.67
Spamvertised website
2022-03-09 gotogml.com. 60 IN A 45.8.124.230 2022-03-01 gotogml.com. 60 IN A 45.8.127.154 2022-03-01 gotogml.com. 60 IN A 45.8.127.155 2022-02-24 gotogml.com. 60 IN A 147.182.245.65 2022-02-24 gotogml.com. 60 IN A 213.166.70.250 2022-02-24 gotogml.com. 60 IN A 213.166.70.175 2022-02-23 gotogml.com. 60 IN A 37.140.197.206 2022-02-20 gotogml.com. 60 IN A 45.8.127.154 2022-02-01 gotogml.com. 60 IN A 194.87.1.4 2022-01-31… Читать далее Spamvertised website
Smoke botnet controller and malware distribution @45.8.124.53
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Smoke Loader botnet controller located at 45.8.124.53 on port 80 (using HTTP POST): hXXp://file-coin-host-12.com/ file-coin-host-12.com. 600 IN A 45.8.124.53 Referencing malware binaries (MD5 hash): 709cdc8f1ffceb73206dec78221d895e — AV… Читать далее Smoke botnet controller and malware distribution @45.8.124.53
Loki botnet controller @80.66.64.206
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 45.8.124.154 on port 80 (using HTTP POST): hXXp://hstfurnaces.net/gd4/fre.php hstfurnaces.net. 600 IN A 45.8.124.154 Referencing malware binaries (MD5 hash): 0d5b6c1f4ae4856fb7e00acd033c7938 — AV detection:… Читать далее Loki botnet controller @80.66.64.206
Loki botnet controller @45.8.124.154
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Loki botnet controller located at 45.8.124.154 on port 80 (using HTTP POST): hXXp://hstfurnaces.net/gd4/fre.php hstfurnaces.net. 600 IN A 45.8.124.154 Referencing malware binaries (MD5 hash): 0d5b6c1f4ae4856fb7e00acd033c7938 — AV detection:… Читать далее Loki botnet controller @45.8.124.154
Hosting phishing domains
45.8.124.95 ajaxtracker.com 2022-03-04 23:46:44 45.8.124.95 jqueryllc.net 2022-03-03 19:51:28 ______________________ Was: ajaxtracker.com. 600 IN A 2.57.186.110 coupon-popup.net. 600 IN A 2.57.186.110 ______________________ Was: ajaxtracker.com. 600 IN A 91.142.77.233 coupon-popup.net. 600 IN A 91.142.77.233 ______________________ Was: 185.87.49.227 ajaxtracker.com 2022-02-28 09:28:30 185.87.49.227 purechal.com 2022-02-28 11:21:32 ______________________ Was: ajaxtracker.com. 600 IN A 141.8.194.6 coupon-popup.net. 600 IN A 141.8.194.6 ______________________… Читать далее Hosting phishing domains