myinstalls.info (Andromeda and kbot http botnets hiding behind cloudflare)

By I_Post_Ur_Info, November 20, 2012

Resolved myinstalls.info to 199.27.134.49, 173.245.60.132

Andromeda
Server: myinstalls.info
Gate file: /neuro/image.php

kbot
Server: myinstalls.info
Gate file: /kb/gate.php

I’m glad to see Khant has recovered from having some malicious individual run rm -rf / as root on his server.
However I’m not sure if having bots connect through cloudflare is such a good idea.

Categories: Uncategorized

Tags: Andromeda Botcloudflarekbot

Previous postdevbug.su (Andromeda http botnet hosted by United Kingdom Pintwire)

Next posttruthaboutcannella.net (Andromeda http botnet hosted by Panama Panama Cyber Cast International S.a.)

freegamebox.ru (Betabot http botnet proxied by cloudflare.com)

gemers9.ru (Betabot http botnet proxied by cloudflare.com)

shinyhosting.ws.gy(Andromeda Bot hosted in United States Amsterdam Hosting Servers)