Loki botnet controller @

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at port 443:
$ telnet 443
Connected to
Escape character is ‘^]’

Malicious domains observed at this IP address:
app-decline-transaction-help.com. 600 IN A
customer-id8319.com. 600 IN A
decline-transaction-request-help.com. 600 IN A
deliveryparceluk-reschedule.info. 600 IN A
lloyds-accessaccount.com. 600 IN A
mysantsmobile-app.com. 600 IN A
nhs-applycovid-pass.com. 600 IN A
nhscovidapplypass.com. 600 IN A
o2updatebilling.com. 600 IN A
orderhome-testkit.com. 600 IN A
po-local-branchs.com. 600 IN A
po-missed-shipment.com. 600 IN A
po-redeliverpackage.com. 600 IN A
post-relocation.com. 600 IN A
posupport-help.com. 600 IN A
redeliver-myitem.com. 600 IN A
reschedule-mypo.com. 600 IN A
resolve-billing-error.com. 600 IN A
revenue-taxreturn.com. 600 IN A
verify-transaction-decline.com. 600 IN A

Добавить комментарий

Ваш адрес email не будет опубликован.