Author: Pig

64.34.200.181(irc botnet hosted in United States Newhall Serverbeach)

Uncategorized

Remote Host Port Number 64.34.200.181 2345 NICK New[USA|00|P|73781] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-9402 * 0 :COMPUTERNAME MODE New[USA|00|P|73781] -ix JOIN #!loco! PONG 22 MOTD hosting infos: http://whois.domaintools.com/64.34.200.181

zeus.sunke.info(irc botnet hosted in China Zhejiang Ninbo Lanzhong Network Ltd)

Uncategorized

122.224.6.164 zeus.sunke.info ilo.brenz.pl Resolved : [ilo.brenz.pl] To [94.63.149.150] HTTP QueriesHTTP Query Text – x82x96xa2xe3xdaxd1xc7 Remote Host Port Number 122.224.6.164 82 174.123.157.154 80 174.133.57.141 80 193.5.110.10 80 204.0.5.40 80 204.0.5.48 80 204.0.5.59 80 207.46.202.15 80 64.38.232.180 80 65.55.13.243 80 66.114.51.107 80 60.190.223.132 88 60.190.223.60 2011 60.190.223.60 2012 60.190.223.60 888 61.147.99.179 81 66.228.49.83 1867 83.133.119.197 65520 ServiceRead more...

bt1.oyoba.com(ngrBot hosted in Russian Federation Moscow Anders Telecom Ltd)

Uncategorized

40-50K Bots inside aproximatly bt1.oyoba.com primary dns for controling bots bt1.yakizzy.com secondary dns not active Resolved : [bt1.oyoba.com] To [87.251.154.185] Resolved : [bt1.oyoba.com] To [87.251.154.168] Resolved : [bt1.oyoba.com] To [87.251.154.135] Resolved : [bt1.oyoba.com] To [87.251.154.145] 87.251.154.145:7654 Server Pass: ngrBot 87.251.154.135:7654 Server Pass: ngrBot 87.251.154.168:7654 Server Pass: ngrBot 87.251.154.185:7654 Server Pass: ngrBot Nick: n{US|XPa}bjhvcdc Username: bjhvcdcRead more...

91.121.100.60(irc botnet hosted in France Ovh Systems)

Uncategorized

Remote Host Port Number 216.146.39.70 80 72.233.89.200 80 91.121.100.60 9595 JOIN #!scan# error PONG 22 MOTD MODE USA|XP|SP2|00|2966|L|3819 +iB-x JOIN #mss# psy PONG 422 PRIVMSG #mss# :[SCAN]: Sequential Port Scan started on 192.168.0.0:1433 with a delay of 6 seconds for 0 minutes using 60 threads. NICK USA|XP|SP2|00|2966|L|3819 USER szjwcb 0 0 :USA|XP|SP2|00|2966|L|3819 USERHOST USA|XP|SP2|00|2966|L|3819 hostingRead more...

dem0002.in(ngrBot hosted in United States Hollywood Exclusive Proxy Llc)

Uncategorized

Big hecker=>big botnet=>easy to trace Same guy named google hf hecker servers used for botnets mostly hosted from razorservers.com USA lol Botnet size estimated around 60-80k Resolved : [dem0002.in] To [70.34.194.26] Resolved : [dem0002.in] To [70.34.196.90] Resolved : [dem0002.in] To [66.199.249.154] Resolved : [dem0002.in] To [70.34.196.146] Other domain in stock for the moment waiting toRead more...

140mb malware samples

Uncategorized

This package contains diferent irc bots,bitcoin miner,banking trojans etc have fun Download: http://3e2a9dd0.ultrafiles.net

av.psybnc.cz(100k ngrBot hosted in France Paris Gandi)

Uncategorized

Saga continues the lamer behind this net(Virus) is changing domain names but still hard for him to be invisible Resolved : [av.psybnc.cz] To [92.243.10.12] Resolved : [av.psybnc.cz] To [92.243.0.109] Resolved : [av.psybnc.cz] To [92.243.27.72] Resolved : [av.psybnc.cz] To [92.243.17.156] Resolved : [av.psybnc.cz] To [92.243.25.164] Other domains used by the lamer: up.a7aneek.net av.shannen.cc 92.243.10.12 5900 PASSRead more...