Month: January 2011

rapedbitch.ru(botnet hosted in Russian Federation Iqhost Ltd)

rapedbitch.ru DNS_TYPE_A 193.106.173.198 193.106.173.198:6667 Nick: {N}|AUT|XP|pc5|282067 Username: lchzqs Server Pass: google_r8[H1_6]x6-t.tmp Joined Channel: #raped with Password zero Private Message to Channel #raped: “New Servant.” infos about hosting: http://whois.domaintools.com/193.106.173.198

219.166.6.86(botnet hosted in Japan Kyoei Co. Ltd)

Remote Host Port Number 192.138.251.21 80 219.166.6.86 7000 NICK FL328166751035 USER zqyoxakthwobzo 0 0 :FL328166751035 MODE FL938934844607 +i JOIN #GL .x. USERHOST FL938934844607 USERHOST FL328166751035 MODE FL328166751035 +i NICK FL938934844607 USER amwswoejuztaxd 0 0 :FL938934844607 infos about hosting: http://whois.domaintools.com/219.166.6.86

hestia.divinusdeus.net(botnet hosted in United States Chicago Singlehop Inc)

173.236.47.2:9872 Nick: [N][AUS][XP][13964] Username: Surreal Joined Channel: #cfcworld with Password prisonbreak Channel Topic for Channel #cfcworld: “!spread.usb|!spread.rar 1|!spread.msn Hey check this out OMG http://dl.dropbox.com/u/14953248/x-c0n1-2CR.exe|” infos about hosting: http://whois.domaintools.com/173.236.47.2

213.229.99.144(botnet hosted in United Kingdom Canonical Range For Mk-48z)

Remote Host Port Number 208.43.102.156 80 216.178.38.224 80 63.135.80.46 80 64.211.162.83 80 66.220.146.18 80 213.229.99.144 1234 PASS xxx MODE NEW-[USA|00|P|29713] -ix JOIN #!nn! test PONG 22 MOTD NICK NEW-[USA|00|P|29713] USER XP-2551 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/213.229.99.144

193.106.173.190(botnet hosted in Russian Federation Iqhost Ltd)

server:port 193.106.173.190:5900 nickname IDENTIFY Virus fatalz ircd used for this server Now talking in ##ENC## ChanMode: irc.efnet.org sets mode [+smntMu-o Ø»• 0¬‘ ] [10:16] . 11. 13. -o Ø»• 0¬‘ infos about hosting: http://whois.domaintools.com/193.106.173.190

botnetaliss.co.cc(botnet hosted in Korea, Republic Of Seoul Hanaro Teleco

Adres: botnetaliss.co.cc Channel: #zurna | #xp | #scan Login: #neo 354789 Resolved : [botnetaliss.co.cc] To [114.207.244.145] Resolved : [botnetaliss.co.cc] To [114.207.244.146] Resolved : [botnetaliss.co.cc] To [114.207.244.143] Resolved : [botnetaliss.co.cc] To [114.207.244.144] infos about hosting: http://whois.domaintools.com/114.207.244.145

64.202.120.43(botnet hosted in United States Chicago Hostforweb Inc)

Remote Host Port Number 174.37.200.82 80 216.178.39.11 80 63.135.80.224 80 64.211.162.72 80 66.220.149.25 80 64.202.120.43 1234 PASS xxx MODE NEW-[USA|00|P|39547] -ix JOIN #!nn! test PONG 22 MOTD NICK NEW-[USA|00|P|39547] USER XP-2882 * 0 :COMPUTERNAME infos about hosting: http://whois.domaintools.com/64.202.120.43

pd0x.kamii.us(linux bots hosted in United States Arlington Heights Ecomdevel Llc)

var $config = array(“server”=>”pd0x.kamii.us”, “port”=> “7777”, “pass”=>”puta”, // “prefix”=>””, “maxrand”=>7, “chan”=>”#pwnage#”, “key”=>”xxx”, // “modes”=>”-x+i”, “password”=>”puta”, // “trigger”=>”!”, “hostauth”=>”*” // * Now talking in #pwnage# Topic On: [ #pwnage# ] [ God bless Google! and yes…[23:03:25] [UDP]: Finished attack: 1312799 MB sented Attacked speed: 43760 MB/s …for you DEMO.. [UDP]: Finished attack: 2695744 MB sented Attacked