Resolved mirror.servehalflife.com to 95.211.209.178 Server: mirror.servehalflife.com Gate file: /barra/bot.php You may remember this no-ip from a previous post Same shit is still in /files/ the only changes being that blackshades now connects on own3d-private.no-ip.org on port 55050, and it uses the no-ip files.serveblog.net to download the other files. More links found by Xylitol: hxxp://mirror.servehalflife.com/torrent/Read more...
mirror.serverhalflife.com (Pandora http bot hosted by Netherlands Haarlem Leaseweb B.v.)
Resolved mirror.serverhalflife.com to 95.211.209.178 Pandora ddos bot Server: mirror.serverhalflife.com Gate file: /pando/?u=17b6n82405v5ycal3ks4bb7i655e088m Other crap on the server Microworm panel: mirror.serverhalflife.com/micro/ The password is “root” Files are located at hxxp://mirror.serverhalflife.com/files/ blackdra.exe is blackshades Connects to own3d-private.no-ip.org:4010 Blackshades downloads more of the files x0x0.294.24.10.10.0.2.15.0.0.0.Federal-Agent.FBI-PC.1.Microsoft Windows XP .522.0.5.0.58802054.0.new.November 4, 2012.Hide My Ass Vpn FBI access panel (Welcome AgentRead more...