Remote Host Port Number 199.85.215.60 6680 NICK Unix[]20904 USER Unix[]899046 192.168.2.128 cctvhome10.hopto.org :Unix[]454589 PONG :EEC5EB7 JOIN #[Unix]# PONG :nodo1.debiancrew.org hosting infos: http://whois.domaintools.com/199.85.215.60
www.maintpro-consultancy.com(pBot hosted in Philippines Maintpro Consultancy)
powered by LND – by BDM */ /* shouts: */ /* Yes we hate exposedbotnets.com */ /* have a nice day @ pig hate me lamers is not a prob lol Server www.maintpro-consultancy.com Port 9595 Channel #vics <? /****************************************************/ /* powered by LND - by BDM */ /* shouts: we fuck the world */ /****************************************************/Read more...
210mb malware samples
This package is full of irc bots,banking trojans,worms,rootkits have fun exploring them Download Download Download
p3dr1t0.info(ngrBot hosted in United States Herndon Road Runner Holdco Llc)
Remote Host Port Number 190.98.219.21 80 199.15.234.7 80 74.62.152.160 6060 PASS secret Local users: Current Local Users: 283 Max: 2070 Global users: Current Global Users: 283 Max: 1422 NICK n{US|XPa}scmyjzc USER scmyjzc 0 0 :scmyjzc PONG :7D743289 JOIN #hell secret PRIVMSG #hell :[d=”http://www.lomopalta.com/plugins/new.exe” s=”176128 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataScxaxs.exe” – Download retries:Read more...
nhg.knaqu.eu(irc botnet hosted in Denmark Tranbjerg Tdc A/s)
same guy run this botnet http://www.exposedbotnets.com/2010/04/ds32v7k3knaqueu.html Resolved : [nhg.knaqu.eu] To [62.243.224.85] Remote Host Port Number 62.243.224.85 4244 PASS NhG MODE [USA|NhGXP|031763] -ix JOIN #!En!# #xp PRIVMSG #!en!# :MSN: Thread Activated, Sending Message. PONG HTTP1.4 NICK [USA|NhGXP|031763] USER xyygsge * 0 :COMPUTERNAME Now talking in #!en!# Topic On: [ #!en!# ] [ .msn look here isRead more...
fesko-cheats.ru(G-Bot hosted in Ukraine Kiev Private Joint Stock Company Datagroup)
G-Bot the http malware from russia with love The bot owner try to hide via legit board wich is fesko-cheats.ru Panel is located here http://fesko-cheats.ru/panel/login.php HTTP Query Text fesko-cheats.ru GET /panel/getcmd.php?id=951725031&traff=0 HTTP/1.1 Sample hosting infos: http://whois.domaintools.com/93.183.203.79
sw.l33t-milf.info( 100k reptile bots spreading via ms exploit)
This is one of the biggest irc botnets still active 13 leafs full of bots I estimated the botnet size to 100k considering the number of leafs 13 but the real size can be bigger Domain names used to control bots: sw.l33t-milf.info pics.l33t-ppl.info Resolved : [sw.l33t-milf.info] To [95.48.93.250] Resolved : [sw.l33t-milf.info] To [85.159.163.42] Resolved :Read more...
122.226.202.225(irc botnet hosted in China Shaoxing Dingqi Internet Science Co. Ltd)
Remote Host Port Number 122.226.202.225 4802 PASS hax0r Nick:n{US|XPa}okmignn Channel:#ang ngrBot hosting infos: http://whois.domaintools.com/122.226.202.225
i.nerashti.net(irc botnet hosted in India Delhi Mtnl Cat B Isp)
Resolved : [i.nerashti.net] To [59.180.210.189] Remote Host Port Number 107.20.135.4 80 107.20.138.135 80 199.15.234.7 80 59.180.210.189 4244 PASS 666666 80.2.60.232 6667 PASS 666666 PRIVMSG #buli# :[d=”http://dl.dropbox.com/u/66711623/v/e/rundat.exe” s=”92160 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.exe” – Download retries: 0 NICK n{US|XPa}eechxgg USER eechxgg 0 0 :eechxgg JOIN #BuLi# redem PRIVMSG #buli# :[MSN]: Updated MSN spread intervalRead more...
vps1.imafish.net(ngrBot hosted in United States Input Output Flood Llc)
Resolved : [vps1.imafish.net] To [199.30.49.171] Local users: Current Local Users: 47 Max: 132 Global users: Current Global Users: 47 Max: 132 C&C Server: 199.30.49.171:6667 Server Password: Username: hewjcgy Nickname: n{DE|XPa}hewjcgy Channel: #botn (Password: ngrBot) Channeltopic: : Topic On: [ #botn ] [ ] Topic By: [ MagicSata ] hosting infos: http://whois.domaintools.com/199.30.49.171