Resolved mal-labs.asia to 37.221.170.238 Server: mal-labs.asia Gate file: image.php Plugins: Rootkit mal-labs.asia/plugins/r.pack Formgrabber mal-labs.asia/plugins/f.pack Gate file: fg.php This is the file Paradoxun was running on his bots (cachke.exe). Hosting infos: http://whois.domaintools.com/37.221.170.238
199.119.226.75 (Barracuda irc botnet hosted by France Paris Dnsslave.com)
Server: 199.119.226.75 Port: 6667 Channel: #Aryan Oper: [Paradoxun] (Paradoxun@rofl12345): … [Paradoxun] ~#Aryan [Paradoxun] 199.119.226.75 :Lee’s [Paradoxun] idle 00:03:03, signon: Sat Nov 24 13:31:20 [Paradoxun] End of WHOIS list. You may remember Paradoxun from here or here It looks like he may have some aryan bots in the channel as well. Paradoxun .botkill -s ParadoxunRead more...
paradoxunirc.no-ip.biz (Barracuda irc bot hosted by Turkey Istanbul Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti.)
Resolved paradoxunirc.no-ip.biz to 176.53.119.14 Server: paradoxunirc.no-ip.biz Port: 4667 Channel: #yoloswag Owner: Paradoxun This is the latest irc of the barracuda .net irc bot. After trolling around for a bit, it’s time for this one to be posted. The Authost on the bot only checks for the nick, so just wait for Paradoxun to leave, /nickRead more...