Month: May 2011

46.17.100.229(irc botnet hosted in Russian Federation Mir Telematiki Ltd)

Uncategorized

Remote Host Port Number 46.17.100.229 4443 ircd here 46.28.64.99 444 46.28.64.99 80 79.142.67.113 80 NICK N[USA|XP][vsdyciq] USER vsdy “” “lol” :vsdy JOIN #b0ts PONG 422 PRIVMSG #b0ts :[Download]: Succeeded using primary method [WinInet: 279 KB] executables: # http://c0re.us/test.exe # http://waterforpeople.co.cc/crypted.exe Spyeye panel: http://quantummechanic.cc/controlpanel/ Spyeye executable: http://waterforpeople.co.cc/spyfud.exe.exe hosting info: http://whois.domaintools.com/46.17.100.229

gusan0.sin-ip.es(irc botnet hosted in United States Chicago Fdcservers.net)

Uncategorized

Remote Host Port Number 50.7.247.10 6667 NICK NEW[XX][XP]8744609838 USER 8744 “” “TsGh” :8744 MODE NEW[XX][XP]8744609838 -d JOIN ##spam## PONG :irc.priv8net.com NICK {XPUSA698507} USER COMPUTERNAME * 0 :COMPUTERNAME MODE {XPUSA698507} -ix JOIN ##v5## MODE ##v5## -ix PRIVMSG ##v5## :.::[DDoS]::. Flooding 127.0.0.2:1234 with ddos.syn for 50 seconds PRIVMSG ##v5## :.::[DDoS]::. Done with flood (0KB/sec). NICK {XPUSA965601} MODERead more...

204.15.252.199(irc botnet hosted in United States Henderson Trashy Media)

Uncategorized

UPDATE: 204.15.252.199:4042 Irc Trafic: NICK new[BEL|XP|Pig-D17A7D27]dvxotgy USER hh “” “lol” :hh Now talking in #newbiz# Topic On: [ #newbiz# ] [ .down /99/106/112/81/55/59/40/125/111/122/35/108/114/121/114/116/115/106/104/122/126/121/37/69/76/117/48/113/107/125/118/126/47/108/116/84/47/102/113/71/ ] Topic By: [ b ] Topic: b sets topic [] hosting infos: http://whois.domaintools.com/204.15.252.199

117.211.84.155(irc botnet hosted in India Bangalore O/o Dgm Bb Noc Bsnl Bangalore)

Uncategorized

Remote Host Port Number 117.211.84.155 25343 PASS scary NICK [USA|XP|XmWCMYN5] USER 9583 “” “lol” :9583 NICK [USA|XP|UFdwiY47] USER 4508 “” “lol” :4508 NICK [USA|XP|YZw7cS8u] USER 2152 “” “lol” :2152 NICK [USA|XP|X2XUcWQU] NICK [USA|XP|cuCVirAD] USER 6242 “” “lol” :6242 NICK [USA|XP|bx3Iivi3] USER 8840 “” “lol” :8840 NICK [USA|XP|fRQNcpmq] USER 6294 “” “lol” :6294 hosting infos http://whois.domaintools.com/117.211.84.155

hubs.ishtiben.com(irc botnet hosted in China)

Uncategorized

Resolved : [hubs.ishtiben.com] To [60.190.218.104] Resolved : [hubs.ishtiben.com] To [59.63.157.62] Resolved : [hubs.ishtiben.com] To [123.183.217.32] Resolved : [hubs.ishtiben.com] To [60.190.223.125] Remote Host Port Number hubs.ishtiben.com 1110 PASS eee KCIK kqidriuawk rssr jtswecmrxx “” “pyk” :jtswecmrxx Chanels:#s,#i,

server.abimansour.com(irc botnet hosted in United States Chicago Hostforweb Inc)

Uncategorized

Remote Host Port Number 204.0.5.41 80 216.178.38.224 80 63.135.80.46 80 85.118.137.12 80 66.225.238.146 2345 PASS xxx NICK NEW-[USA|00|P|22588] USER XP-4207 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|22588] -ix JOIN #!gf! test PONG 22 MOTD UPDATE: NICK New[USA|00|P|78837] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-3049 * 0 :COMPUTERNAME MODERead more...