Malware botnet controllers @95.213.165.229

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Smoke Loader botnet controller located at 212.193.50.94 on port 80 (using HTTP POST):
hXXp://xacokuo80.top/

xacokuo80.top. 600 IN A 95.213.165.229

The host at this IP address is currently being used to distribute malware.

Malware distribution located here:

hXXp://host-coin-data-1.com/files/9536_1637698109_9914.exe
hXXp://privacytoolzforyou-7000.com/downloads/toolspab2.exe

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 95.213.165.229 on port 443:
$ telnet 95.213.165.229 443
Trying 95.213.165.229…
Connected to 95.213.165.229.
Escape character is ‘^]’

Malicious domains observed at this IP address:
coin-coin-coin-2.com. 600 IN A 95.213.165.229
file-file-host4.com. 600 IN A 95.213.165.229
host-coin-data-1.com. 600 IN A 95.213.165.229
host-file-host9.com. 600 IN A 95.213.165.229
privacytoolzforyou-7000.com. 600 IN A 95.213.165.229
stats404.info. 600 IN A 95.213.165.229
xacokuo80.top. 600 IN A 95.213.165.229

Опубликовано
В рубрике selectel.ru

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *