Domains Domain IP f.eastmoon.pl 148.81.111.101 s.richlab.pl 148.81.111.101 gigasbh.org 82.165.129.253 IRC Traffic >> NICK {USA-XPx86a}cwecttyo >> USER cwectty 7949 7840 :cwectty >> MODE {USA-XPx86a}cwecttyo +iwG >> JOIN #sp yap >> PING 422 MOTD << 332 {USA-XPx86a}cwecttyo #sp : << 333 {USA-XPx86a}cwecttyo #sp x 1436609273 >> PONG 422Read more...
89.248.172.240(30k botnet hosted in Netherlands Amsterdam Ecatel Ltd)
Botnet found by sPy. Only server and port no channels here because no exe file to see for more. Feel free to check for channels ur self. Connecting to 89.248.172.240 (6667) Invisible Users 12: 12 3554Operators: 2 operator(s) onlineChannels: 12 channels formedClients: I have 3555 clients and 0 serversLocal users: 3555 29989 Current local usersRead more...
gki2mpdt3rsokbmv.onion (Irc botnet hosted on a Tor hidden service)
Server: gki2mpdt3rsokbmv.onion Port: 6667 Channel: #channel Oper: [wac] (wac@9bedb2.host): ac[wac] #channel[wac] lair.hell.net :Cerberus Server[wac] idle 00:00:18, signon: Tue May 13 18:24:47[wac] End of WHOIS list. The owner must have used very old bot code to create this, as it fails to work properly on windows 7 and higher. Related md5s (Download sample from Malwr.com) Ircbot:Read more...
keshmoney.biz(irc botnet hosted in France Roubaix Ovh Systems)
Found by AliSs Server: keshmoney.biz:6667 Channel: #all,#x00 password 777.#boss Bitcoin Miner: hxxp://knal.wut.re:8332 -u bram226_1 Hosted in this link: hxxp://noinei90.sommadue.it/Built.exe Sample here Hosting infos: http://whois.domaintools.com/37.59.53.162
210.205.6.30(irc botnet hosted in Korea, Republic Of Seoul Krnic)
Found by Yewnix. Local users: Current Local Users: 297 Max: 753 Global users: Current Global Users: 884 Max: 1536 Server: 210.205.6.30:6667 Chanel: #testdos Hosting infos: http://whois.domaintools.com/210.205.6.30
irc.teamirc.es(irc bots hosted in Canada Toronto Cirrus Tech. Ltd.)
Credits to AliSs for this. Server:irc.teamirc.es:6667 Channel:##ns## Now talking in 00##NS## Topic On: [ ##NS## ] [ 5RanDoM ScAn : 160 – – – 30/11/2013 16:21 12] Topic By: [ LoSKi ] Hosting infos: http://whois.domaintools.com/199.103.60.15
y.osej36.com (Irc botnet hosted by gandi.net)
Resolved y.osej36.com to 92.243.8.222 Server: y.osej36.com Port: 80 Server password: passwd Channel: #root Channel password: redem !NAZEL hxxp://www12.0zz0.com/2013/06/21/20/723860853.png a392564eae140562e4b27d0ab078ba1e !NAZEL hxxp://upload.tehran98.com/img1/9kxogpyfckk2xwuzzn6j.png a392564eae140562e4b27d0ab078ba1e !s -n A modified ircd is used, so you may have trouble connecting. Alternate domains: y.v23sdy.com y.rwt234.com Bitcoin mining info: minerd.exe -a scrypt -s 20 –no-longpoll -q -o za.oisdj.com:443 -u anonymous.1 -p -xRead more...
z.joerv02.com(irc botnet hosted in China Nanjing Chinanet Jiangsu Province Network)
Name Query Type Query Result Successful Protocol api.wipmania.com DNS_TYPE_A 69.197.137.58 YES udp z.baerr02.com DNS_TYPE_A NO udp z.joerv02.com DNS_TYPE_A 58.221.60.87 YES udp Server: z.joerv02.com:6513 PASS smart Channels: #dpi,#suk.#sar PASS smartRead more...
94.242.198.64(irc botnet hosted in Luxembourg Steinsel Root Sa)
Another botnet found by aLiSs Server: 94.242.198.64:5050 channel: #work Now talking in #workTopic On: [ #work ] [ , ]Topic By: [ x ] hosting infos: http://whois.domaintools.com/94.242.198.64
46.182.107.35(irc botnet hosted in Netherlands Amsterdam Rens Ariens Trading As Your Internet Service Provider)
Server: 46.182.107.35:4042 channel: #pirelli Now talking in #pirelli Topic On: [ #pirelli ] [ !down /99/106/112/81/55/59/40/125/111/122/35/110/105/106/100/107/119/122/121/59/106/120/102/9/71/113/109/127/105/99/54/56/52/50/49/22/48/55/59/15/44/52/51/40/99/101/ 12] Topic By: [ x ] credits to aLiSs for finding this botnet hosting infos: http://whois.domaintools.com/46.182.107.35