Loki botnet controller @193.124.118.81

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 193.124.118.81 port 443:
$ telnet 193.124.118.81 443
Trying 193.124.118.81…
Connected to 193.124.118.81.
Escape character is ‘^]’

Malicious domains observed at this IP address:
app-decline-transaction-help.com. 600 IN A 193.124.118.81
customer-id8319.com. 600 IN A 193.124.118.81
decline-transaction-request-help.com. 600 IN A 193.124.118.81
deliveryparceluk-reschedule.info. 600 IN A 193.124.118.81
lloyds-accessaccount.com. 600 IN A 193.124.118.81
mysantsmobile-app.com. 600 IN A 193.124.118.81
nhs-applycovid-pass.com. 600 IN A 193.124.118.81
nhscovidapplypass.com. 600 IN A 193.124.118.81
o2updatebilling.com. 600 IN A 193.124.118.81
orderhome-testkit.com. 600 IN A 193.124.118.81
po-local-branchs.com. 600 IN A 193.124.118.81
po-missed-shipment.com. 600 IN A 193.124.118.81
po-redeliverpackage.com. 600 IN A 193.124.118.81
post-relocation.com. 600 IN A 193.124.118.81
posupport-help.com. 600 IN A 193.124.118.81
redeliver-myitem.com. 600 IN A 193.124.118.81
reschedule-mypo.com. 600 IN A 193.124.118.81
resolve-billing-error.com. 600 IN A 193.124.118.81
revenue-taxreturn.com. 600 IN A 193.124.118.81
verify-transaction-decline.com. 600 IN A 193.124.118.81

Опубликовано
В рубрике ruvds.com

Добавить комментарий

Ваш адрес email не будет опубликован.