Author: I_Post_Ur_Info

msn.3utilities.com (Betabot http botnet hosted by ecatel.net)

Uncategorized

Resolved  msn.3utilities.com to 80.82.66.43 Server:  msn.3utilities.com Port:  81 Gate file:  /help/order.php Alternate domains: videoparadise.biz kittybook.biz        msn1981.3utilities.com dates4you.tk Three out of the five domains are free and easy to get suspended. Pro botherder here. Bitcoin mining info:  stratum+tcp://eu-stratum.btcguild.com:3333 -u m4tr1x_neo -p 123 -t 0 -I -3 Litecoin mining info:  -a scrypt -o http://kittybook.no-ip.biz:8332 -u m4tr1x_0Read more...

fahfasd.pw (Andromeda http botnet hosted by xeneurope.com)

Uncategorized

Resolved fahfasd.pw to 109.235.51.249 Server:  fahfasd.pw Gate file:  /Panel/image.php Plugins Rootkit:  hxxp://fahfasd.pw/Panel/plugins/r.pack Socks:  hxxp://fahfasd.pw/Panel/plugins/s.pack Formgrabber:  hxxp://fahfasd.pw/Panel/plugins/f.pack   Gate file:  /Panel/fg.php Hosting infos: http://whois.domaintools.com/109.235.51.249

solutionswiki.com (Betabot http botnet hosted by alibabahost.com)

Uncategorized

Resolved solutionswiki.com to 109.163.233.107 Server:  solutionswiki.com Port:  4137 Gate file:  /system/order.php I don’t know why betabot owners keep putting their http servers on ports other than 80. Seems pretty dumb. I guess you can only expect so much from a HF bot and it’s owners. Hosting infos: http://whois.domaintools.com/109.163.233.107

hardstunt.com (Andromeda http botnet proxied by cloudflare.com)

Uncategorized

Resolved hardstunt.com to 108.162.198.113, 108.162.199.113 Server:  hardstunt.com Gate file:  /blob/image.php Hosting a botnet behind cloudflare seems like a bad idea.Lets see if I can get this blocked. EDIT: CloudFlare received your malware report dated April 28, 2013 regarding: hardstunt.com Please be aware CloudFlare is a network provider offering a reverse proxy, pass-through security service. WeRead more...