Miner malware hosted in Belgium Ict Ventures Bvba/sprl)

This is the second belgian hoster found hosting malwares that’s not good lol
Again another great contribution from our anonymous friend wich i called malware because it uses infected machines to do what he does
the bitcoin miner is downloaded from here
it connects to svchost2.exe -o -u trap258_gwas -p himom 111 0

looks like this is Yoshi the hecker from hf lol

svchost64.exe -t 6 -o -u Yoshi_Yoshi1 -p yoshi123

hosting infos:
IT – Operations
address: ICT Ventures BVBA/SPRL
address: Dewandelaerstraat 12
address: 1930 Zaventem
address: Belgium
phone: +32 2 123 45 67
fax-no: +32 2 123 45 67

Categories: Uncategorized


Anonymous - April 28, 2012 at 11:58 pm

Pretty sure that's a legit mining pool pig. I went on their irc channel and they were more than willing to remove the botnet user login. The bitcoin software just connects to the mining pool, it doesn't have a panel.
They should probably check for botnet users, ie users with many different ips rather than waiting for reports though.

Jack - May 5, 2012 at 5:35 pm

I sent a report about this net , They forwarded the report to my ISP , My ISP thought it was them sending the report to them and sent a letter out to me with the report attached.

Anonymous - May 5, 2012 at 7:11 pm

Pig - May 5, 2012 at 7:42 pm

nice i got files will post later if there is something funny inside

Comments are closed