Remote Host Port Number 199.15.234.7 80 46.105.241.246 3211 NICK New{US-XP-x86}7678642 USER 7678642 “” “7678642” :7678642 MODE New{US-XP-x86}7678642 +iMm JOIN #aryan none PONG :IRC.Secret.GoV hosting infos: http://whois.domaintools.com/46.105.241.246
178.162.226.216(irc botnet hosted in United Kingdom Netdirect)
Remote Host Port Number 178.162.226.216 5858 PASS cidayx10 NICK n{Ganja-USA|XP}861309 USER 9032 “” “TsGh” :9032 JOIN #ganj cidayx PONG :HTTP1.4 hosting infos: http://whois.domaintools.com/178.162.226.216
79.142.70.252(Zeus Banking Malware hosted in Netherlands Amsterdam Altushost Inc)
This is the panel:http://79.142.70.252/~freelan1/zcp/ exe file: http://79.142.70.252/~freelan1/zcp/server/bot.exe php shell used to control the server: http://79.142.70.252/~freelan1/_private/ needs password config file: http://79.142.70.252/~freelan1/zcp/server/config.bin hosting infos: http://whois.domaintools.com/79.142.70.252
94.23.109.35(irc botnet hosted in Poland Wroclaw Ovh Systems)
Remote Host Port Number 94.23.109.35 6667 NICK [nLh-VNC]fzxkcb USER njgwt “fo8.net” “rage” :njgwt JOIN #~vnc~# bitch PRIVMSG #~vnc~# : [RAGE SCAN:] range: 192.34.0.0/100 threads. hosting infos: http://whois.domaintools.com/94.23.109.35
210.223.139.97(irc botnet hosted in Korea, Republic Of Imin)
Remote Host Port Number 210.223.139.97 4244 NICK new[iRooT-XP-USA]523315 USER 5233 “” “TsGh” :5233 JOIN #!N!# WTF PONG :irc.foonet.com hosting infos: http://whois.domaintools.com/210.223.139.97
69.30.194.210(ngrBot hosted in Canada Toronto Wholesale Internet Inc)
Remote Host Port Number 199.15.234.7 80 85.13.253.120 80 69.30.194.210 6969 PASS ngrBot NICK n{US|XPa}glkwfsr USER glkwfsr 0 0 :glkwfsr JOIN ##cybercenter## ngrBot PRIVMSG ##cybercenter## :[DNS]: Blocked 0 domain(s) – Redirected 2 domain(s) hosting infos: http://whois.domaintools.com/69.30.194.210
219.66.191.142(irc botnet hosted in Japan Ichihara Open Data Network(japan Telecom Co. Ltd.)
Remote Host Port Number 174.121.14.164 80 174.36.56.201 80 195.10.192.39 80 195.210.28.38 80 195.250.147.177 80 204.0.5.35 80 204.2.197.201 80 209.17.74.144 80 219.96.106.218 80 66.115.184.85 80 219.66.191.142 4244 PASS google_cache2.tmp NICK new[iRooT-XP-USA]807411 USER 8074 “” “TsGh” :8074 JOIN #!N!# WTF PRIVMSG #!N!# :http://kajmak1.bloger.hr Has Been Visited! hosting infos: http://whois.domaintools.com/219.66.191.142
31.3.254.125(irc botnet hosted in United Kingdom Redstation Limited)
Remote Host Port Number 31.3.254.125 6667 NICK USA|2953864 USER snzefqx 0 0 :USA|2953864 JOIN #Skk k3y USERHOST USA|2953864 MODE USA|2953864 -x+i PONG :HTTP1.4 hosting infos: http://whois.domaintools.com/31.3.254.125
92.241.165.221(irc botnet hosted in Russian Federation Moscow Oao Webalta)
server 92.241.165.221:1234 PASS ngrBot (Channel: #!nigro!) Now talking in #!nigro! Topic On: [ #!nigro! ] [ ] Topic By: [ spin ] PRIVMSG #test :[DNS]: Blocked 1310 domain(s) – Redirected 0 domain(s) NICK n{US|XPa}eyqlyzj USER eyqlyzj 0 0 :eyqlyzj JOIN #test ngrBot PRIVMSG #test :[HTTP]: Updated HTTP spread interval to “2” PRIVMSG #test :[MSN]: UpdatedRead more...
62.122.246.165(irc botnet hosted in Russian Federation St. Petersburg Ooo Set)
server 62.122.246.165:48912 (Channel: ##net) psybnc wich conect to botnet found by _char hosting infos: http://whois.domaintools.com/62.122.246.165