Resolved crysis4.net to 91.231.84.114 Gate url: http://crysis4.net/knockout/image.php Login url: http://crysis4.net/knockout/index.php Rootkit plugin: http://crysis4.net/test/r.pack Hosting infos: http://whois.domaintools.com/91.231.84.114
Mystical Megapost (Botnets of all types) (Hosted by Ukraine Ukrainian Internet Names Center Ltd and Netherlands Maasdijk Worldstream)
As Mystical has now recently been banned from hackforums, I thought I would make an informative megapost of botnets he has or is currently using. Domains Bighecker.co 1212Mystic0801.info Sonic4us.com Sonic4me.com img196-imageshack.us rs-booter.com modtech360.info 307dice.com powerbot24.com img90-imageshack.com imageshells.com bighecks.net emails used for registration hlolgame@aim.com mikeydoc@hotmail.com #plug this into facebook to see his profile highroller098765@hotmail.com mikeshosting@yahoo.com bram.fadzulani@mail.comRead more...
img196-imageshack.us(Andromeda http malware hosted in voxility.net)
This is another contribution from our anonymous friend The sample here http://dl.dropbox.com/u/73806662/testandro.exe connects to img196-imageshack.us/pannel/image.php to have acces to this panel u need user:passwd here imageshack.us/pannel/ feel free to brute it 🙂 from virustotal scan the file testandro.exe apears to be FUD there is another file downloaded dl.dropbox.com/u/76205929/rk.cmd.dll wich from the name looks like rootkitRead more...