Remote Host Port Number 204.0.5.41 80 216.178.38.224 80 63.135.80.46 80 69.171.224.14 80 205.234.129.250 2866 PASS xxx NICK NEW-[USA|00|P|16653] USER XP-6905 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|16653] -ix JOIN #!nine! test PONG 22 MOTD hosting infos: http://whois.domaintools.com/205.234.129.250
213.5.178.1(irc botnet hosted in United Kingdom Racksrv Communications Ltd)
Remote Host Port Number 199.7.177.238 80 213.251.170.52 80 74.120.8.239 80 213.5.178.1 3922 PASS 441(ircd here) PRIVMSG #b :[MSN]: Updated MSN spread interval to “6” PRIVMSG #b :[MSN]: Updated MSN spread message to “Wow haha !! http://tiny.cc/qeii6?=Facebook_photos_18_5_2011” PRIVMSG #alfa :[DNS]: Blocked 1259 domain(s) – Redirected 0 domain(s) NICK n{US|XPa}wonufjq USER wonufjq 0 0 :wonufjq JOIN #alfaRead more...
38mb malware samples
Another package for malware analysers size 38mb inside the package u have bankers,remote trojans,bots etc.. have fun Download: http://9d701a30.goneviral.com
89.17.220.220(banker hosted in Spain Barcelona Miarroba Networks S.l)
The method here is this: the spanish or brasilian hecker uses java aplet to download and execute his banker into remote computers the malicious url file is this: http://pics24.fileave.com/ to find out how the banker is downloaded and excuted u have to download the index.html file via wget for windows http://users.ugent.be/~bpuype/wget/#usage after downloading the index.htmlRead more...
75.102.22.40(irc botnet hosted in United States Chicago Hostforweb Inc)
Remote Host Port Number 204.0.5.51 80 216.178.38.224 80 216.178.39.11 80 66.220.149.11 80 75.102.22.40 2866 PASS xxx(irc comunication) NICK NEW-[USA|00|P|74212] USER XP-9076 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|74212] -ix JOIN #!nine! test PONG 22 MOTD hosting info: http://whois.domaintools.com/75.102.22.40
dl.ka3ek.com(irc botnet hosted in China Beijing Chinanet Jiangxi Province Network)
Remote Host Port Number dl.ka3ek.com 3321 PASS eee Resolved : [dl.ka3ek.com] To [59.53.91.167] Resolved : [dl.ka3ek.com] To [60.190.218.104] PASS eee KCIK qkrcdlij rssr pjvknyue “” “vxs” :pjvknyue PRIVMSG #dpi :Done. hosting infos: http://whois.domaintools.com/59.53.91.167
208.98.26.140(irc botnet hosted in United States Morgantown Sharktech Internet Services)
Remote Host Port Number 208.98.26.140 3211 PASS google_cache2.tmp NICK n[DvLz-USA|XP]757134 USER 7571 “” “TsGh” :7571 PONG :2ECEF3B6 JOIN #DvLz DvLz# PONG :Irc.D3v1Lz.Com hosting infos: http://whois.domaintools.com/208.98.26.140
46.21.169.42(irc botnet hosted in Netherlands Amsterdam Denkers Ict – Ipv4 Infrastructure)
Remote Host Port Number 46.21.169.42 6567 PASS s1m0n3t4 70.38.98.239 80 * The data identified by the following URL was then requested from the remote web server: o http://img105.herosh.com/2011/05/13/348778130.gif MODE [SI|USA|00|P|75060] -ix JOIN #mot# c1rc0dusoleil PRIVMSG #mot# :[Dl]: File download: 80.0KB to: c:WINDOWSjds.exe @ 80.0KB/sec. PRIVMSG #mot# :[Dl]: Created process: “c:WINDOWSjds.exe”, PID: PONG Apple.Network NICK [SI|USA|00|P|75060]Read more...
mecanto571.dyndns.org(irc botnet hosted in Germany Hetzner Online Ag)
Resolved : [mecanto571.dyndns.org] To [178.63.252.56] Remote Host Port Number 178.63.252.56 26745 PASS google_cache2.tmp or PASS serverpass 64.186.152.219 26745 PASS google_cache2.tmp or PASS serverpass 64.62.181.43 80 Invisible Users: 1417 Channels: 1 channels formed Clients:I have 1418 clients and 0 servers Local users: Current Local Users: 1418 Max: 4139 Global users: Current Global Users: 1418 Max: 1677Read more...
New Domain Name For The Blog
Hi everyone From today’s blog will have a new address this one www.exposedbotnets.com The name is closer to the content Have fun and see you later