Emotet malware distribution @40.83.77.49 [compromise website]

The host at this IP address is hosting a website that have been compromised by threat actors to distribute Emotet (aka Heodo) malware. The following URL is hosting a webshell that is being accessed by the threat actors programmatically to place malware on the website:

URL: http://extremejoy.live/wp-includes/css/dist/nux/JST10x.php
Host: extremejoy.live
IP address: 40.83.77.49
Hostname: n/a

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *