RustyStealer botnet controller @95.217.123.28

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RustyStealer botnet controller located at 95.217.123.28 on port 80 (using HTTP POST):
hXXp://mythic.fckinpwned.cn/data

$ dig +short mythic.fckinpwned.cn
95.217.123.28

$ nslookup 95.217.123.28
static.28.123.217.95.clients.your-server.de

Referencing malware binaries (MD5 hash):
f1c8a0ca2faca15f084dae33589a1195 — AV detection: 5 / 69 (7.25)

Опубликовано
В рубрике hetzner.de

Добавить комментарий

Ваш адрес email не будет опубликован.