Dancho Danchev' Blog - New Version of Android-Based Mobile Application Available! Grab a copy today!

Dear blog readers,

This is Dancho and I wanted to let everyone know that I've just updated the mobile application for my personal blog to include additional features including my personal blog my Twitter account including my Medium account including Box.sk's Wordpress blog where I'm currently running a high-profile hacking and security project including my Flickr account where I intend to begin posting daily series of cybercrime research photos part of my research including my featured "Exposing Koobface - The World's Largest Botnet" including featured products which you can buy including services which you can inquire about in case you're interested in workibg with me as an independent contractor including a built-in Box.sk search engine for hackers which is Astalavista.box.sk flagship search engine for hackers with over 3M processed and updated in real-time hacking and security resources.

Here are some related screenshots of the application:

Stay tuned!

Continue reading →

Russia's SVR Launches "SecureDrop" Similar National Security Threats Soliciting Web Site on the Dark Web - An Analysis

Big stuff! Russia's SVR has recently launched a Dark Web onion Web site similar to SecureDrop for the purpose of enticing citizens and individuals into submitting information regarding threats facing Russia. Users are enticed into visiting the Dark Web onion Web site including to use a publicly accessible PGP for the purpose of submitting information relevant to Nation Security Threats facing Russia.

Primary Russia SVR Dark Web Onion URL:

hxxp://svrgovru24yd42e6mmrnohzs37hb35yqeulvmvkc76e3drb75gs4qrid.onion

Primary Russia SVR Public PGP Key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBF7bruoBEACb78LwhlBJDhT707sK7MlFGB0S8qCaSQdUVzMAdQ5kW9hB/FJV
f1FmO4szUPvWCwHVvynM8JCBfRM6E2jaET24yxJOJbEOKNYEtMCCe2+uhUVKe4pc
w6GzmD0g1ODfW3mdnlF3DNokBKAd85sB3/owJhxBbwBUPEUmk+DVSCAiM8paO8pT
b89BoqN63hdal8fCO8BtNngl3oI+xS3kKRCWkn5IuEZdDxCUqB8CzX9QMGX84DhH
wlHvvFuqOpDJt07ULh3a/T4QxoLCYQYS+a7KWmZQhObe/4ecWOrxKHrugB/cXzGu
4V+02OKB9Gq03AVSLhfO50yIhoggHEDyIvDzFaBRcfZxtIDXY2F49A+VWaLLixYt
ZixrrK0HMEJMvSoXceQZU2g5Fi7qTCwuOxirhq0zOlI/orAQTHVthcmBYqt2jX1X
7075/lmjJd0mS3hqofOYfbkTQutYI8hjXqFfcIOqkhNwyiGge9/qejULy29MoEir
jvB5sUg9joI77LjoE2e7v1NBq2XHSyMFfAkr9D2Dd/qYiMBgyhjBUGwIs7BmDcES
8fRwJynRgUElX1YiREIMRtCvxz+GwhF7Smnu1KXqeo7OotKI4783Qp0R+RIcaczb
VmWnaK6v5TVaxGO+0Yw8eFjts/UTrrECcc9D7LYC9DzFmb6fpdKwQl/cUQARAQAB
tB5mZWVkYmFjayA8ZmVlZGJhY2tAc3ZyLmdvdi5ydT6JAjkEEwECACMFAl7bruoC
GwMHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDyY8kgehzDs0MAD/4yx68x
ijVJSoRx/ArI4g4MBK9h1f76aQtIsisQZdysS0gI9TXiOiTH+ncezzjLl6dpogq8
06MxSKX5xqWTdYzuHmJYmk51mDOzLV5B5wu/hz7FJ/JWow8qX3S0T1kGZiAhx1l7
lgtZ2fSCgad7XEWUIQBL93s0wqYfr3Tk1ZRLrFx+ds29IlP3xHz4MZhvEcbgoWUo
9NMefp5nzLwTNcyKOs14VA8cPR6i0DboPRGO85WW1mVFl+Uii76HRqNVLy30dgXt
6VPYVgAh1Tki2OX9W2SFwp2q97y9LSpYZlwZBZgS2k6FiCj59FCUdJWe3PBZ+sQR
kXS5/Nh/UUqHH++Cpedgu9RwG/jpjMHOg4zOrdx4UT5a52/MhX/7nqmG2s99c3tx
03I4m9dSe9S/pvfE6q3+eQrb3AFgixhpzlRCJulEcMd4HerfpAJkRJDKQojkG8tR
aV9FEDz669mFlUtgRBTEp7TMT2/JbkreqONQ/ycL7KRXRLTM7Ql0oL3Xzuddio2Y
ic2R0/03sTVENblMysQvUDw9IOEV+PtWRSwosa7YxwcEYkOwtMjOsGjJ6CtbAq3d
ByNhS+9lX6QM9VKtge5JwC519emSDEKnt4SvEwRcWLnWU90+rEBPsIou3HFEwQ8a
YV9tCx2MYia8e/yz6VsSpecVVkB6wWroP33oWLkCDQRe267qARAAwhrcr4W0tBOW
Xo++XlsS55Efy8bhM+H/ETP1Z8VhdgbC8LwmTAeCWp/FztoblhNGUlBfvy8ZqHS9
3D5U/SQo+WOBuvaQ28RtY/0JCML6Ms+u0W1UE2TbM499TQMO3xZWozacy7qrkg0O
SCL1JQ0YLLPdUa9T9I2ZUrplww7b/wN+NFRUkPd5tDsPbKKul0aw4y0IJVSIhXU4
XrQUX0iff5jIymzqEr1u15iEX6AwvwT3iHNCEhr0lWe7KVnjr3pxG1tlBS5cECrp
1D3twOCTJrQKhsJBaPNG8yhj4hHG0iPmgb4SLonRwyzoRFg9/F7ALig4P26lmN67
3UYpTr4jGxBiAPyMohzj4mWfDjp95blIs7c1Yf1DcqhO/ODAX0qtlWivp/uNB73p
ry/ixPP18YrDnCEzW4U8uJ/yiony4U9O0G26GjtEgB7ZGryk6fToRepCd8hL0hsM
p3iLxm5LYvtDw4EExTNksNLgxIp7KNN+/tb0o7b4Y8UoG6fVMpywVID6iKeyIiVW
5KhKRRYCw84VMWs5yl6igEc1FEplAw804zANIqM2J/QBfgplstrhJ3Y6wkHFEblT
8TvTqGr5MJzkSr1ZxnX6uVctKR8VTIHy7gHQ3G3Z75saNvcU+4qqNg/0PfLbnW/O
79x5UiIZa2vNaIl1kSRn98YsMKEYlk0AEQEAAYkCHwQYAQIACQUCXtuu6gIbDAAK
CRDyY8kgehzDs/VcD/9y7TtPthPTgkWGlnCXl+wL9BWFnumbQrYq7SQ5AauI86BH
5LCjweoPcgUkG3GF0o81NEZpWh+ZDl0h5VzEdc7bvQt9ZP16czuwhyZiK+b2me/n
Lutx9b2fUePRfKBnhm1vomShcvOXH3fmp80w9JsB92Wj56Ajo5WR3hIcHHheOSRa
63K/rzdQZ7UIDPDVIROEHMJciuo8V2H+FNvHkjSJPkgnAj17+XqvAEUdMF9hTHUN
uM2AajUrpWB3OXpbTMCDWbXoBWMDfVki7EFiFftXkLnaExqk2A9zgjEy+nht9S1y
l6NXwM6McpHxClzSoZDTDugywUPF3Izx1F5tca0DJeoyNTs3Gp6CcEnV9Qs9F5MW
0iw2mi5eF1uHV0JOQGLkFQWuGeyoe9Nio3L9Ho3uEzInQ/V9uvo84RbfarmmVXFY
lVjF2icAMzU3eTOGqAUIS10XFADYxRfogqG25jjjwFS4b/9YJqsImE8e+x75f+z6
0Nx0SAfvURUNjqPcTyQhpnlHPg8ayZzECLF2NCeLRQo8s/zNd3IxRJpdbgjgLK4A
L7/Zek4rAP8W0fc2wcFZjuwRCvPWvIID3mP1EsUru5TLSfkxo2B03HzPB6WMyH5v
iSzLXvjpn272L9B1TE8FFBC6Dl0U74+np+lHVM+qIEfWE8KMK3nVEqIXBfzGcQ==
=5vim
-----END PGP PUBLIC KEY BLOCK-----

Stay tuned!

Continue reading →

Joining Team WhoisXML API!

Dear blog readers,

This is Dancho and I've decided to let everyone know that I've just joined forces with Team WhoisXML API on my way to fight and disrupt cybercrime globally for the position of DNS Threat Researcher and that I would be releasing a variety of upcoming research articles including white papers and case studies on a variety of topics including the use of Maltego in combination with WhoisXML API integration for the purpose of cybercrime research and threat intelligence gathering.

Two of my most recent reports include:

- Profiling the bulletproof hosting infrastructure behind an online E-Shop for stolen credit cards information

- Profiling the infrastructure behind a botnet C&C infrastructure using Hostinger's legitimate infrastructure

Stay tuned!

Continue reading →

Dancho Danchev's Blog - Mobile Android-Based Google Play Application Available!

Dear blog readers,

This is Dancho and I wanted to let everyone know that I've released a mobile Android-device compatible Google Play application for my personal blog where I intend to reach out to more readers and acquire a new type of audience. Grab a copy today!

Stay tuned!

Continue reading →

Security Interview with Me - In Russian!

Dear blog readers,

Check out this interview with me in Russian!

Stay tuned!

Continue reading →

Recommended Song of the Day!

Dear blog readers,

I've decided to continue posting and recommended relevant and high-profile songs of the day with the idea to empower you to stay on the top of your game and to empower and offer a new listening experience for your work. 

Stay tuned!

Continue reading →

Dancho Danchev's Second Edition of Cybercrime Forum Data Set for 2021 - Direct Download Available! Request Copy Today!

Dear blog readers,

This is Dancho and I wanted to let everyone know that I've just released the second edition of the original "Cybercrime Forum Data Set for 2019" this time including an additional set of full offline copies of over a dozen of publicly accessible cybercrime-friendly forum communities with the idea to distribute the Data Set to the academic community including vendors and organizations and researchers including U.S Law Enforcement and the U.S Intelligence Community part of my currently ongoing Law Enforcement and OSINT operation "Uncle George".

Users interested in receiving a direct download link (19GB) of the second edition of the Cybercrime Forum Data Set for 2021 which now includes full offline copies of over 111 publicly accessible cybercrime-friendly forum communities should approach me at dancho.danchev@hush.com and I would be happy to offer a direct download link for you and your organizations.

Sample cybercrime-friendly forum communities included in the Data Set include:

evilhack.ru.rar

gerki.pw.rar

ProLogic.rar

SEOForum.rar

c-cracking.org.rar

Whitehat.vn.rar

neadekvat.ru.rar

www.opensc.ws.rar

gofuckbiz.com.rar

Darkode.rar

hackademics.fr.rar

darkmoney.de.rar

xaker.name.rar

Xakep.bg.rar

sysadmins.ru.rar

PhreakerPro.rar

Master-X.rar

Chf.rar

Darkmarket.la.rar

Webmasters.ru.rar

reversing.cc.rar

monopoly.ms.rar

Exelab.rar

blacktip.top.rar

ghostmarket.net.rar

DomenForum.rar

Antichat.ru.rar

Hack-Port.rar

ProxyBase.rar

replace.org.ua.rar

Eviloctal.rar

Xakepok.rar

WWH-Club.rar

Szuwi.rar

GoFuckBiz.rar

www.forohack.com.rar

Promarket.rar

pay-per-install.org.rar

LinkFeed.rar

TotalBlackhat.rar

Mr11-11mr.7olm.org.rar

iFud.rar

Piratebuhta.pw.rar

BPCForum.rar

ForumSEO.rar

Cracked.to.rar

Forum.Zloy.bz.rar

ProCrd.rar

Crack-Forum.rar

alligator.cash.rar

Mmpg.ru.rar

MaulTalk.rar

ForumSape.rar

SEOCafe.rar

dwh.su.rar

BigFozzy.rar

Gla.vn.rar

Zismo.rar

it-24h.com.rar

Forum-UINSell.rar

carderplanet.rar

4HatDay.rar

Toolbabase.se.rar

ubotstudio.com.rar

aHack.rar

Linuxac.org.rar

imhatimi.org.rar

Svuit.vn.rar

Free-hack.rar

xaknet.org.rar

www.ryan1918.com.rar

Darkmoney.rar

shadowcrew-2.rar

Hackersoft.rar

BlackhatWorld.rar

Nullnoss.org.rar

365Exe.rar

Aljyyosh.rar

forum.cybsecgroup.com.rar

Hackingboard.rar

Szenebox.rar

Cardvilla.rar

iHonker.rar

SkyFraud.rar

H4kurd.com.rar

moneymaker.hk.rar

CNSec.rar

Cyberizm.rar

Turkhackteam.rar

forum.reverse4you.org.rar

CNHonker.rar

security-teams.net.rar

itsobr.com.rar

Spyhackerz.rar

ArmadaBoard.rar

iransec.net.rar

xaker26.info.rar

11Wang.rar

Hackings.rar

Sample directory listing for the "Cybercrime Forum Data Set for 2021":

Stay tuned!

Continue reading →

Announcing Astalavista.box.sk's Flagship Dark Web Search Engine! Visit Us Today!

 

Continue reading →

Recommended High-Profile Daily Military Technology Video!

Dear blog readers,

Continuing the "Travel Without Moving" blog post series where I used to feature a high-profile publicly accessible satellite imagery for a variety of high-profile locations throughout the years I've decided to share a highly recommended video which is basically a THAAD demonstration video which you should watch and enjoy in case you're interested in learning more about modern military technology.

Stay tuned!

Continue reading →

Dancho Danchev's Blog - Proprietary MISP (Malware Information Sharing Platform) Instance Running - Request Access Today!

Dear blog readers,

This is Dancho. I wanted to let everyone know that I've recently started running a proprietary MISP (Malware Information Sharing Platform) instance where I distribute and share most of my proprietary research with a variety of third-parties including connected instances or users who have API access to my research which is now also available in STIX/TAXII including MISP format where you or your organization can request API access to my proprietary threat intelligence feed for research or commercial purposes by approaching me at dancho.danchev@hush.com

Sample categories which I cover in my daily batch of proprietary threat intelligence research include:

• Targeted Malware Analysis - An Analysis
• In-the-Wild Malware Analysis - An Analysis
• Targeted Phishing Analysis - An Analysis
• Malicious URL Analysis - An Analysis
• Targeted Mobile Malware Analysis - An Analysis
• APT Coverage - New Campaign
• Fraudulent Infrastructure - An Analysis
• Online Fraud Campaign - An Analysis
• Historical OSINT Campaign - An Analysis
• Russian Business Network coverage
• Koobface Botnet coverage
• Kneber Botnet coverage
• Hundreds of IOCs (Indicators of Compromise)
• Tactics Techniques and Procedures In-Depth Coverage
• Malicious and fraudulent infrastructure mapped and exposed
• Malicious and fraudulent Blackhat SEO coverage
• Malicious spam and phishing campaigns
• Malicious and fraudulent scareware campaigns
• Malicious and fraudulent money mule recruitment scams
• Malicious and fraudulent reshipping mule recruitment scams
• Web based mass attack compromise fraudulent and malicious campaigns
• Malicious and fraudulent client-side exploits serving campaigns

Sample screenshots of the research posted at my proprietary MISP (Malware Information Sharing Platform) instance:

Stay tuned!

Continue reading →

Recommended High-Profile Psytrance Song of the Day!

Dear blog readers,

This is Dancho. I wanted to take and effort and present a newly launched series of blog posts called "Psytrance Song of the Day" where I intend to share with you some of the high-profile and currently circulating psytrance songs with the idea to help you reach out to a new set of music including to empower you with a new set of music choice for your listening and enrichment experience.

Stay tuned!

Continue reading →

Dancho Danchev's Cybercrime Forum Data Set for 2019 - Request a Copy Today!

Dear blog readers,

I've recently updated my original "Cybercrime Forum Data Set for 2019" to include an additional dozen of publicly accessible cybercrime-frindly forum communities which are ready for processing and enrichment. With the original Data Set now 16GB and basically including full offline copies of some of the most prolific publicly accessible cybercrime-friendly forum communities which basically consists of 1M of raw Web sites ready for processing and enrichment users interested in obtaining access to the original Cybercrime Forum Data Set for 2019 for research and enrichment purposes including to participate in my currently ongoing Law Enforcement and OSINT Operation called "Uncle George" should approach me at dancho.danchev@hush.com in order to obtain access to the Data Set for research purposes.

Sample graphics which I've recently produced part of the currently ongoing Law Enforcement and OSINT Operation called "Uncle George":

Sample publicly accessible cybercrime-friendly forum communities included in the original Data Set include:

evilhack.ru.rar

gerki.pw.rar

ProLogic.rar

SEOForum.rar

c-cracking.org.rar

Whitehat.vn.rar

neadekvat.ru.rar

www.opensc.ws.rar

gofuckbiz.com.rar

Darkode.rar

hackademics.fr.rar

darkmoney.de.rar

xaker.name.rar

Xakep.bg.rar

sysadmins.ru.rar

PhreakerPro.rar

Master-X.rar

Chf.rar

Darkmarket.la.rar

Webmasters.ru.rar

reversing.cc.rar

monopoly.ms.rar

Exelab.rar

blacktip.top.rar

ghostmarket.net.rar

DomenForum.rar

Antichat.ru.rar

Hack-Port.rar

ProxyBase.rar

replace.org.ua.rar

Eviloctal.rar

Xakepok.rar

WWH-Club.rar

Szuwi.rar

GoFuckBiz.rar

www.forohack.com.rar

Promarket.rar

pay-per-install.org.rar

LinkFeed.rar

TotalBlackhat.rar

Mr11-11mr.7olm.org.rar

iFud.rar

Piratebuhta.pw.rar

BPCForum.rar

ForumSEO.rar

Cracked.to.rar

Forum.Zloy.bz.rar

ProCrd.rar

Crack-Forum.rar

alligator.cash.rar

Mmpg.ru.rar

MaulTalk.rar

ForumSape.rar

SEOCafe.rar

dwh.su.rar

BigFozzy.rar

Gla.vn.rar

Zismo.rar

it-24h.com.rar

Forum-UINSell.rar

carderplanet.rar

4HatDay.rar

Toolbabase.se.rar

ubotstudio.com.rar

aHack.rar

Linuxac.org.rar

imhatimi.org.rar

Svuit.vn.rar

Free-hack.rar

xaknet.org.rar

www.ryan1918.com.rar

Darkmoney.rar

shadowcrew-2.rar

Hackersoft.rar

BlackhatWorld.rar

Nullnoss.org.rar

365Exe.rar

Aljyyosh.rar

forum.cybsecgroup.com.rar

Hackingboard.rar

Szenebox.rar

Cardvilla.rar

iHonker.rar

SkyFraud.rar

H4kurd.com.rar

moneymaker.hk.rar

CNSec.rar

Cyberizm.rar

Turkhackteam.rar

forum.reverse4you.org.rar

CNHonker.rar

security-teams.net.rar

itsobr.com.rar

Spyhackerz.rar

ArmadaBoard.rar

iransec.net.rar

xaker26.info.rar

11Wang.rar

Hackings.rar

Stay tuned!

Continue reading →

Cyber Threats Facing U.K’s Internet-Connected Infrastructure - An OSINT Analysis

In today’s modern Internet-connected World hundreds of thousands of users continue joining the Internet on a first-time basis potentially getting themselves exposed to a multi-tude of malicious software spam and phishing attacks including active participation in botnets which basically represent an automatically controlled tens of thousands of Internet-connected hosts under the supervision of a remotely-based Russian cybercriminal who’s making tens of thousands of money on a daily basis by using the access to the Internet-connected hosts potentially exposing home users and corporate networks to a variety of online-based threats such as for instance the direct compromise of the confidentiality availability and integrity of the targeted host and its infrastructure.

With more cybercriminals continue to look for ways to monetize access to malware-infected hosts by actively launching malware spam and phishing fraud campaigns online more users continue getting exposed and potentially falling victim into these type of scams with the cybercriminals behind these campaigns successfully compromising home-based and corporate networks while earning fraudulently obtained or generated revenue from the access to the malware-infected hosts.

In the following free threat intelligence report we will offer an in-depth actionable intelligence on modern cyber threats facing U.K’s infrastructure with the idea to raise awareness on the degree of sophistication and persistence on behalf of Russian an international-based cybercriminals who seek to obtain access to home and corporate-based networks possibly seeking financial gain. We will also provide a sample threat data to showcase our modern threat intelligence platform in action which works by intercepting and reponding to modern cyber attack threats which include Client-Side Exploits, Web Site Defacements, Radical Propaganda, Scareware, Rogueware, Phishing, Spam, Malicious Software, Botnets, Command and Control Infrastructure, Compromised Web Sites, oney Mule Recruitment facing U.K’s infrastructure and actually notifies the affected party in an automated fashion.

Users who are interested in gaining more insight into their network’s susceptibility to modern cyber attack threats including their home and corporate network including their ISP (Internet Service Provider) should approach us at - dancho.danchev@hush.com

Sample geolocation graphs of malicious and fraudulent threats facing U.K based Internet-connected infrastructure:

We’re currently possessing and is building and capable of processing a huge portion of cyber attack threats and trends directly affecting U.K based infrastructure in the form of malware spam and phishing campaigns that are directly involved in abusing and actually using U.K based infrastructure for the purpose of serving malicious software to thousands of U.K based users.

The following list of U.K based IPs only is exclusively made available online for free in this report to showcase and demonstrate our capabilities in the field of passive and active threat intelligence gathering where we can confirm and further present actionable intelligence on currently active cyber attack threats and trends directly affecting U.K based infrastructure:

35.214.68.112

162.125.64.15

51.89.1.32

185.2.168.11

81.136.146.213

2.28.53.52

185.61.154.31

142.93.45.42

35.242.133.15

213.249.156.189

46.33.147.137

51.89.124.173

45.155.37.214

51.89.1.33

176.58.97.28

86.175.242.115

93.114.133.116

93.115.19.91

81.139.212.175

62.31.75.71

93.114.133.197

185.213.92.39

92.26.228.184

157.245.37.67

163.171.129.134

92.19.213.191

93.114.133.248

167.71.139.13

161.35.174.136

165.232.98.36

165.22.114.28

45.153.185.29

62.249.196.95

149.255.62.4

35.214.67.167

139.162.236.246

185.61.154.32

51.89.124.171

31.22.4.235

51.89.125.44

185.79.57.226

77.92.85.129

163.172.24.234

185.61.154.14

185.61.154.59

18.132.117.2

185.61.152.51

188.166.149.118

35.214.15.47

31.186.241.6

31.186.241.7

178.62.16.8

149.255.62.32

3.9.72.193

35.214.24.216

178.79.159.39

35.214.1.217

95.215.225.4

81.19.211.5

81.134.179.184

185.119.173.225

77.72.1.34

87.247.241.226

31.22.4.47

77.95.39.114

51.89.165.211

5.77.41.134

51.141.44.139

52.56.165.79

139.162.216.232

185.61.152.57

51.89.25.73

149.255.59.19

212.159.19.64

149.255.58.5

149.255.59.21

92.29.242.236

51.195.53.35

212.53.87.32

35.179.45.66

193.35.59.75

95.128.135.195

82.163.176.111

149.255.58.11

31.22.7.249

149.255.62.3

149.255.62.84

212.48.71.252

81.21.67.66

92.9.159.19

86.136.28.196

185.27.133.17

185.35.248.241

85.13.236.74

212.71.235.242

31.22.4.32

78.129.193.31

185.119.173.175

35.178.95.133

45.76.141.247

77.68.64.13

134.122.111.246

35.178.75.69

185.195.15.164

193.228.91.123

84.9.167.126

35.214.26.147

51.89.213.132

81.134.191.159

167.172.63.188

35.214.79.238

165.232.41.21

3.8.1.57

167.71.136.128

87.74.29.81

153.92.6.164

95.154.197.119

185.27.132.35

185.27.134.149

18.133.21.247

3.9.96.87

167.172.54.212

84.9.15.237

46.183.8.124

212.48.85.212

185.221.216.3

161.35.37.124

194.113.164.98

34.89.5.69

188.64.184.197

2.58.45.55

51.89.1.122

81.27.85.12

163.172.64.8

45.133.239.14

81.27.85.16

3.9.114.98

52.56.233.157

188.64.184.32

178.62.124.226

134.213.52.19

2.58.45.44

93.114.234.153

161.35.37.228

178.62.19.66

81.134.82.82

62.31.126.33

81.141.62.66

185.119.173.126

161.35.167.148

81.19.215.2

77.68.94.173

35.214.27.2

188.221.167.118

163.172.117.155

46.32.228.182

178.62.61.73

149.255.59.13

132.145.52.64

193.33.179.215

188.64.187.125

85.92.66.66

82.145.45.44

31.22.4.145

212.159.9.91

212.159.8.91

91.197.228.236

37.72.185.69

167.99.85.231

163.172.43.169

5.134.9.175

194.168.31.9

34.89.12.233

82.136.32.4

77.68.64.19

193.228.91.147

161.35.42.12

165.232.36.42

31.22.4.18

89.238.169.228

142.93.46.172

149.255.62.9

87.117.252.199

35.214.73.159

35.176.215.79

93.93.131.127

85.92.85.182

149.255.62.6

149.255.62.12

149.255.58.67

193.228.91.124

149.255.62.8

193.239.84.138

81.27.85.22

136.244.66.68

37.247.116.196

91.197.229.185

81.19.215.11

163.172.151.61

87.117.242.75

31.22.4.44

149.255.58.38

77.72.1.26

217.199.161.27

149.255.58.54

193.56.28.228

89.249.67.11

85.159.215.156

185.119.174.179

161.35.162.151

195.62.29.157

185.4.48.18

149.255.58.63

78.157.192.66

81.27.85.13

35.214.19.152

193.189.74.26

161.35.173.212

91.238.162.172

149.255.58.6

212.53.86.41

77.68.64.4

159.65.84.49

79.124.8.24

167.99.94.58

161.35.174.17

87.239.16.224

139.162.223.68

95.154.214.2

185.216.78.119

212.53.86.59

185.186.77.219

188.39.9.4

5.153.218.41

193.189.74.128

195.8.196.51

77.92.84.46

94.23.154.81

149.255.62.55

95.215.225.11

89.187.85.68

51.89.183.112

18.133.126.236

5.153.222.49

91.238.164.173

149.255.62.1

77.92.79.11

77.72.1.2

193.189.74.23

78.129.229.128

77.92.75.5

81.199.123.251

82.145.43.13

195.8.197.17

77.72.4.82

149.255.58.59

213.48.84.177

94.6.158.41

86.143.83.133

149.255.62.68

213.167.75.22

213.167.81.22

185.162.227.59

159.65.85.225

132.145.48.21

95.131.65.73

159.65.82.232

149.255.58.34

178.62.71.77

5.134.8.3

185.151.29.15

81.19.211.34

82.11.71.131

193.228.91.162

92.31.139.55

87.247.244.225

185.119.173.148

185.53.58.6

193.56.29.251

5.149.248.2

64.227.37.235

157.245.41.24

185.119.173.135

82.145.61.23

77.68.64.3

185.119.173.79

167.172.55.123

78.141.195.165

35.214.77.221

91.238.161.176

149.255.62.61

149.255.58.44

81.19.215.118

196.196.24.58

185.42.223.211

86.157.45.192

51.6.171.224

35.214.96.217

51.68.197.173

185.116.212.227

163.172.129.13

185.181.9.96

178.62.88.182

86.148.87.73

164.39.7.99

178.62.36.47

185.247.116.43

185.217.42.143

35.214.31.38

151.236.45.28

5.69.155.97

77.68.92.117

2.56.8.112

51.75.191.176

161.35.32.4

178.62.45.51

185.94.191.88

5.152.211.66

149.255.58.66

163.172.75.16

37.221.113.76

91.238.165.174

92.223.59.27

188.227.176.44

94.76.216.82

185.61.153.96

51.68.197.96

149.255.59.15

178.62.17.145

79.124.8.122

178.128.35.99

91.136.49.168

86.135.181.31

178.62.23.63

64.227.41.62

185.119.173.11

185.119.173.218

77.68.93.127

163.172.91.236

3.8.171.178

45.76.132.111

151.227.42.63

86.7.86.4

217.61.22.186

136.244.77.163

161.35.45.242

167.99.84.182

217.199.187.189

167.99.89.3

178.62.84.15

91.134.252.221

2.25.93.86

45.77.229.217

81.27.85.14

178.128.44.183

193.56.28.192

92.24.137.113

178.128.39.213

86.179.186.74

163.172.88.136

149.255.58.9

64.227.39.7

149.255.58.47

149.255.62.36

185.61.154.215

167.172.55.6

185.61.154.211

212.48.78.195

185.119.173.13

185.119.173.98

185.119.173.33

45.155.39.219

178.62.93.112

89.238.181.82

2.56.8.13

217.199.187.192

68.183.41.187

78.129.132.132

178.62.21.171

185.112.249.122

217.199.187.71

92.41.181.235

185.119.173.144

185.61.154.217

151.236.32.52

149.255.62.95

62.173.65.199

149.255.58.42

149.255.62.66

136.244.67.223

77.68.64.18

167.71.132.227

77.68.64.2

54.36.165.28

82.163.177.168

213.175.211.9

51.75.75.197

2.56.8.123

3.9.124.26

3.11.41.76

77.68.6.69

77.68.64.14

149.255.59.16

89.187.86.8

93.114.234.224

178.79.166.163

185.27.134.129

188.166.149.25

185.123.97.177

81.155.98.236

185.119.173.193

185.119.173.82

185.221.216.42

138.68.174.216

5.133.182.68

178.62.36.138

193.117.128.196

178.79.182.95

87.117.195.2

157.245.36.7

167.172.53.248

193.39.253.37

149.255.62.97

149.255.62.87

31.22.4.72

77.92.69.132

35.176.82.52

93.115.87.59

93.115.87.58

178.62.98.144

87.239.18.66

5.77.42.45

91.136.48.141

185.119.174.147

92.24.156.251

185.112.249.218

31.22.1.133

141.138.214.187

77.92.82.196

185.112.249.41

89.238.162.51

89.42.31.117

3.9.66.169

149.255.62.86

81.19.215.3

185.119.173.26

185.17.24.221

82.163.177.185

185.181.124.24

81.19.215.8

77.92.89.1

188.166.171.84

83.223.113.122

31.22.7.243

159.65.82.186

138.68.175.176

77.68.64.5

176.67.162.22

213.5.177.116

87.246.114.156

85.92.68.71

81.19.182.228

81.19.215.61

81.31.75.149

3.8.44.221

51.89.147.253

178.62.92.244

3.8.21.213

52.56.236.57

5.148.32.222

157.245.33.228

2.56.8.146

178.62.31.59

178.239.162.23

178.239.162.12

2.56.8.113

87.239.19.51

163.172.143.161

178.128.42.65

77.68.28.46

165.22.123.159

89.238.181.79

93.93.131.124

159.65.26.65

178.62.96.66

87.247.244.117

151.226.2.198

185.27.134.219

178.62.28.135

95.215.225.217

86.18.117.139

185.112.249.39

91.211.153.251

185.116.214.196

79.79.58.94

185.119.173.211

89.187.86.59

149.255.62.31

149.255.58.65

165.22.112.229

2.56.8.132

2.56.8.16

178.62.69.32

95.142.152.194

195.8.196.188

95.131.71.25

185.112.249.2

31.24.224.224

178.128.175.52

185.112.249.146

185.27.134.221

185.61.153.95

185.112.249.22

185.112.249.227

77.68.64.21

46.37.162.88

185.136.156.118

178.62.77.224

139.162.241.213

185.119.173.77

185.112.249.226

185.112.249.62

185.112.248.29

138.68.138.114

89.36.25.234

185.119.173.136

89.187.86.233

81.19.215.13

178.62.26.97

68.183.32.68

188.166.175.18

195.122.167.234

77.68.64.1

151.236.38.234

77.92.74.183

193.189.74.89

185.112.249.9

78.146.113.189

185.119.173.65

176.24.45.216

46.38.153.188

149.255.58.33

92.16.56.239

185.96.93.149

78.145.11.117

185.112.249.13

178.62.87.36

89.168.181.243

93.152.29.74

92.28.15.221

87.74.64.18

77.96.156.155

92.28.12.127

89.168.174.41

92.25.161.233

62.7.225.136

92.26.62.86

84.9.59.31

167.71.131.218

185.112.249.95

89.168.172.194

79.79.151.254

81.178.231.245

185.112.249.11

149.255.62.88

77.92.69.142

149.255.59.17

185.112.249.55

217.199.187.196

77.68.74.98

185.119.173.154

178.239.162.18

45.76.136.217

89.187.86.6

185.119.173.173

185.119.173.229

167.71.141.98

185.185.126.123

185.186.77.239

149.255.58.43

68.183.36.56

45.77.228.5

77.68.85.228

3.9.141.162

178.128.39.155

87.246.92.223

188.65.114.122

185.119.173.96

94.177.251.11

165.22.117.157

91.215.184.246

165.22.114.132

167.71.136.197

165.22.125.176

163.172.13.153

157.245.33.114

165.22.125.84

157.245.39.229

157.245.33.187

5.56.133.111

157.245.39.9

185.186.77.238

157.245.37.237

185.186.77.243

159.65.52.247

157.245.43.235

217.61.22.212

178.128.161.173

178.62.111.76

178.128.169.194

51.75.161.172

178.128.168.41

165.22.117.29

78.142.194.36

165.22.119.161

167.71.142.4

167.71.135.42

159.65.52.184

5.152.211.78

167.71.131.238

167.71.132.123

167.71.137.214

185.61.153.73

185.136.171.122

212.18.237.75

159.65.53.157

167.71.141.222

193.56.28.185

87.247.245.132

95.168.186.145

89.238.162.35

5.56.133.137

54.37.19.16

185.49.68.139

212.38.166.79

178.128.47.12

45.67.14.181

217.112.35.74

68.183.37.6

193.56.28.245

167.99.88.98

178.62.36.58

159.65.84.229

178.62.117.21

193.39.255.51

193.56.28.44

185.99.254.29

51.75.74.22

138.68.133.162

178.62.31.171

178.62.27.7

68.183.37.76

178.62.27.133

193.56.28.163

146.185.16.148

45.67.14.157

68.183.36.8

68.183.39.48

167.99.89.173

185.186.77.46

167.99.84.235

68.183.38.6

178.62.27.235

178.128.32.65

178.62.112.14

51.75.169.51

178.62.64.129

45.67.14.154

178.62.42.121

178.62.28.7

51.75.77.226

165.22.121.173

178.128.171.65

165.22.127.149

178.128.163.42

178.128.169.6

68.183.33.229

149.255.62.37

159.65.87.166

178.128.169.88

149.255.58.23

81.19.215.71

82.145.41.43

149.255.59.14

95.215.225.33

185.119.174.45

91.238.163.174

213.175.192.37

185.197.63.252

142.93.44.49

45.67.14.164

51.75.161.114

165.22.124.63

45.67.14.171

163.172.53.245

81.19.215.173

5.134.13.214

185.27.134.218

89.145.112.18

3.9.182.46

194.39.164.121

46.32.228.244

51.89.233.72

45.67.14.194

5.134.13.242

193.56.28.126

165.22.127.137

185.162.225.56

167.99.94.144

188.65.115.194

95.142.155.121

3.9.57.228

95.154.196.75

145.239.7.179

95.154.197.8

217.199.187.194

81.19.215.17

151.236.219.91

5.134.14.14

149.255.62.7

77.92.74.1

92.12.93.27

146.177.24.114

82.31.245.156

163.172.93.174

62.233.121.47

178.62.36.95

185.166.131.146

167.99.192.252

31.132.1.61

89.238.162.36

91.222.9.75

193.189.74.35

45.67.14.162

138.68.161.156

193.189.74.71

144.173.6.226

95.215.225.28

217.61.19.212

196.52.9.47

142.93.47.16

45.67.14.163

45.67.14.61

178.128.42.28

176.58.121.153

178.32.59.84

158.255.47.247

159.65.88.168

139.59.163.235

139.59.175.26

159.65.83.94

77.92.69.1

178.128.37.37

87.239.16.151

149.255.58.53

178.62.28.219

138.68.169.255

95.179.238.145

23.19.58.91

95.142.159.11

45.77.88.79

138.68.184.128

163.172.154.119

138.68.165.213

78.129.239.42

31.193.131.141

91.186.8.38

159.65.95.55

95.215.225.34

149.255.62.89

185.61.154.61

178.62.32.28

68.183.44.49

81.19.186.241

46.183.13.146

93.114.86.223

46.183.11.58

149.255.58.1

87.236.212.241

195.74.52.216

178.128.167.5

178.128.46.8

167.99.91.177

159.65.81.86

95.215.224.43

87.247.245.131

94.136.37.252

77.92.82.1

185.24.97.222

51.75.186.45

193.56.28.144

167.99.195.48

163.172.59.35

77.92.88.1

89.35.28.66

138.68.156.95

84.18.195.55

195.49.147.145

93.113.111.97

92.43.17.151

68.183.41.147

178.62.51.7

193.39.253.48

178.128.34.194

159.65.81.17

91.232.125.67

167.99.89.22

139.162.229.9

185.64.213.245

139.162.235.145

89.238.162.13

176.67.162.146

77.92.66.141

91.197.228.193

185.119.173.142

185.119.173.29

212.48.91.172

91.186.8.189

94.177.249.211

68.183.44.112

77.68.64.16

185.27.134.171

193.56.28.14

45.67.14.165

77.72.1.14

77.68.11.121

193.189.74.53

92.43.17.144

193.189.74.83

163.172.142.165

163.172.144.82

138.68.175.115

131.111.48.73

167.99.81.228

163.172.147.222

5.134.14.2

81.19.215.32

46.32.252.29

45.138.81.88

185.61.154.214

91.238.164.175

151.236.221.184

213.175.222.32

192.165.54.175

178.62.37.241

193.189.74.68

167.99.83.224

185.221.216.5

77.68.24.234

188.166.146.167

89.238.188.97

138.68.145.36

83.67.163.73

212.159.128.72

185.182.91.122

185.136.248.18

167.99.197.172

89.238.188.124

142.93.43.166

87.239.16.155

149.255.62.96

142.93.38.157

149.255.62.18

45.63.96.51

195.8.66.1

188.65.113.3

46.32.231.239

77.68.94.236

217.112.35.57

92.29.78.85

87.247.245.144

193.189.74.38

68.183.35.95

81.19.215.14

185.119.173.92

217.112.35.76

217.199.187.199

77.68.64.12

45.76.137.86

95.215.225.23

89.36.223.157

178.62.21.247

185.181.9.161

68.183.38.69

89.46.222.136

185.17.27.112

213.219.39.118

79.73.242.42

92.27.192.35

84.92.99.43

178.62.63.119

185.136.235.56

185.3.95.138

138.68.161.252

77.75.125.36

185.119.173.85

185.119.173.45

3.8.8.24

159.65.83.246

139.59.165.167

92.27.118.11

81.27.85.19

82.145.55.124

87.117.235.116

178.62.38.19

178.128.168.236

54.37.17.252

3.8.39.112

149.255.57.226

167.99.85.165

185.27.134.172

178.128.38.235

35.176.197.139

51.75.75.88

78.129.131.216

217.112.35.92

139.59.178.97

68.183.41.254

185.24.99.231

77.68.86.172

31.193.129.115

31.22.4.24

68.183.41.164

162.125.64.6

46.37.172.159

167.99.198.132

31.22.4.112

68.183.37.7

167.99.82.172

138.68.135.224

138.68.136.238

87.117.225.42

77.92.75.1

82.163.176.78

212.48.93.62

82.146.145.252

178.62.62.139

68.183.34.55

85.13.236.178

95.154.192.98

5.77.39.213

185.116.213.185

85.92.73.13

77.68.91.214

163.172.14.176

77.73.3.212

3.8.126.176

85.159.252.3

178.62.119.137

185.114.96.35

185.119.173.198

178.62.88.5

46.23.69.42

138.68.182.128

163.172.185.194

77.72.1.16

81.19.215.4

212.113.135.13

77.68.15.243

167.99.81.221

213.123.134.145

51.38.83.33

185.53.59.4

178.62.45.222

83.142.229.79

167.99.85.214

5.77.39.4

163.172.75.98

149.255.58.36

159.65.92.43

178.62.6.38

178.62.21.111

68.183.47.77

178.128.43.76

142.93.36.242

178.62.111.237

185.112.248.58

68.183.32.243

167.99.193.219

217.199.187.63

178.128.32.9

178.128.35.181

81.133.236.83

89.46.222.195

51.38.71.2

178.62.39.195

217.194.215.97

78.129.138.114

212.113.133.235

5.134.8.159

77.92.75.2

77.68.28.232

95.168.189.112

178.62.68.27

163.172.34.195

85.92.85.168

185.119.173.239

185.119.173.174

149.255.58.51

35.178.164.143

176.56.56.144

51.75.174.135

77.92.79.1

185.65.42.16

185.193.36.146

91.238.163.121

178.17.41.174

176.74.19.164

5.134.14.51

185.17.27.124

178.62.9.232

176.67.164.141

31.193.129.188

212.18.227.146

159.65.86.191

193.34.148.151

185.136.159.59

66.155.22.157

173.46.85.239

46.183.9.227

77.72.1.86

37.61.239.99

46.32.253.178

91.238.161.174

185.17.27.115

81.19.186.251

134.225.33.95

83.223.119.97

46.23.69.44

212.71.244.222

5.77.55.141

86.152.153.154

185.136.165.183

195.7.226.158

157.245.32.57

139.162.233.131

159.65.86.177

159.65.91.252

173.46.85.179

185.53.174.192

87.117.246.122

95.142.159.2

95.179.231.176

185.27.134.212

185.166.131.147

188.166.173.128

139.162.212.57

142.93.37.39

185.58.226.245

213.122.157.8

185.114.96.97

163.172.185.153

185.27.134.134

185.151.28.162

91.232.125.217

167.99.81.28

77.245.76.88

163.172.185.229

92.232.176.235

185.151.28.153

178.128.166.157

185.58.225.28

142.93.44.126

217.61.16.74

178.62.63.52

78.129.241.197

178.62.118.244

178.62.27.198

178.128.161.154

159.65.84.42

159.65.91.172

178.128.45.139

163.172.71.131

91.228.6.226

185.27.134.117

142.93.39.71

213.175.217.224

178.128.39.122

78.142.194.82

178.62.96.215

185.119.173.155

95.215.227.247

52.56.73.24

5.77.39.131

77.92.81.1

77.92.69.41

89.145.83.123

185.61.152.61

188.166.158.242

91.222.9.74

5.134.9.33

178.128.168.121

77.72.1.17

178.62.86.87

139.59.169.84

94.46.192.2

185.119.173.194

77.72.4.98

185.65.43.4

185.17.252.198

81.19.215.6

95.142.155.153

185.27.134.216

185.134.21.75

178.62.36.153

195.181.164.3

87.117.239.148

87.117.239.151

81.94.192.167

87.117.231.157

95.154.237.19

185.96.93.157

37.61.238.8

167.99.81.74

31.22.4.121

217.199.187.195

178.79.153.45

77.92.69.27

3.8.196.134

78.137.119.83

45.77.231.7

213.175.217.237

163.172.154.79

37.72.184.117

185.61.154.17

178.62.95.9

87.246.92.242

5.77.55.7

178.128.164.153

87.248.222.128

195.181.164.19

77.92.64.15

85.92.68.119

163.172.75.8

163.172.184.173

149.255.58.37

84.18.198.45

185.184.141.145

159.253.56.213

212.53.86.144

192.121.177.249

185.119.173.36

94.236.31.25

185.61.153.116

178.128.39.135

178.128.42.229

139.162.254.59

185.195.14.34

163.172.54.8

213.168.249.128

178.79.177.222

46.43.1.197

178.128.163.237

185.119.173.6

151.236.57.217

213.48.83.178

185.119.173.5

5.56.134.155

77.72.1.66

178.128.36.178

139.59.162.31

178.128.165.243

185.239.172.242

178.128.171.239

167.99.196.54

138.68.179.35

185.119.173.245

178.128.169.238

178.128.41.158

37.122.215.132

178.62.4.131

159.65.85.153

185.119.173.21

178.62.127.246

178.128.165.33

163.172.82.228

167.99.196.63

212.48.85.48

178.128.36.115

178.128.36.154

176.58.98.83

212.48.65.55

94.229.72.122

185.119.173.24

87.247.241.143

185.61.153.125

178.128.163.233

94.177.253.18

185.9.51.36

148.197.223.3

185.119.173.119

178.128.169.145

78.129.224.195

178.128.168.79

178.128.166.224

185.61.153.72

185.123.98.155

185.151.28.68

35.214.38.142

89.238.162.126

94.76.247.61

212.53.86.192

193.227.111.111

139.59.178.3

159.65.87.52

89.187.85.8

138.68.133.121

188.65.113.193

176.126.246.37

159.65.26.241

185.239.173.226

167.99.84.237

217.199.187.193

185.181.124.16

185.123.99.5

167.99.194.152

178.32.61.14

188.65.115.184

193.189.75.166

163.172.194.169

82.145.32.23

185.61.154.53

212.113.132.182

83.223.124.14

91.238.165.173

212.84.79.79

195.242.46.245

82.68.82.126

185.119.173.213

185.4.128.78

195.8.196.34

193.189.74.86

89.46.222.223

185.217.43.142

5.149.255.4

89.238.188.42

167.99.92.166

217.61.21.138

35.178.125.63

185.121.139.238

35.176.65.84

77.68.12.21

94.229.166.45

46.37.176.115

159.65.48.138

185.119.173.179

138.68.166.53

51.75.182.252

212.57.234.53

176.56.61.4

217.199.164.1

212.48.94.169

66.155.22.152

185.121.139.229

185.17.183.176

78.129.185.15

Sample U.K based malicious and fraudulent infrastructure:

mailserver.gold-star.co.uk Feodo botnet controller

host81-134-45-212.in-addr.btopenworld.com Feodo botnet controller

host81-133-240-126.in-addr.btopenworld.com SASL Botnet Scanner

host81-137-254-87.in-addr.btopenworld.com Bot

host213-122-157-8.range213-122.btcentralplus.com Trojan Linux Hajime

host81-149-18-232.in-addr.btopenworld.com Botnet DB Scanner

host86-150-40-102.range86-150.btcentralplus.com Emotet botnet controller

host217-36-215-11.in-addr.btopenworld.com Emotet botnet controller

host86-152-153-154.range86-152.btcentralplus.com Trojan Skeeyah

host81-138-9-110.in-addr.btopenworld.com Compromised IP

host81-133-236-83.in-addr.btopenworld.com Trojan Skeeyah.A!rfn

host217-36-223-29.in-addr.btopenworld.com Compromised IP

host81-133-111-101.in-addr.btopenworld.com Compromised IP

host81-134-44-190.in-addr.btopenworld.com Compromised IP

host81-137-216-244.in-addr.btopenworld.com Compromised IP

host109-158-205-99.range109-158.btcentralplus.com Emotet botnet controller

host86-151-202-16.range86-151.btcentralplus.com Emotet botnet controller

host109-154-221-151.range109-154.btcentralplus.com Emotet botnet controller

host81-136-36-250.range81-136.btcentralplus.com Trojan Linux Hajime

host86-186-111-49.range86-186.btcentralplus.com Trojan HTML

host81-143-213-156.in-addr.btopenworld.com Compromised IP

host86-155-233-74.range86-155.btcentralplus.com Compromised IP

host81-130-149-101.in-addr.btopenworld.com Compromised IP

rjs1.gridhosting.co.uk Phishing

host86-171-217-218.range86-171.btcentralplus.com NanoCore botnet controller

host109-150-192-77.range109-150.btcentralplus.com Trojan

host81-141-164-237.in-addr.btcentralplus.com Compromised IP

host81-131-103-42.range81-131.btcentralplus.com Trojan

host217-35-75-193.in-addr.btopenworld.com Compromised IP

host213-120-104-180.in-addr.btopenworld.com Emotet botnet controller

host31-53-126-58.range31-53.btcentralplus.com Compromised IP

host81-150-168-234.in-addr.btopenworld.com Bot

host86-131-60-136.range86-131.btcentralplus.com Botnet DB Scanner

host86-188-55-208.range86-188.btcentralplus.com Compromised IP

host81-132-15-190.range81-132.btcentralplus.com SSH Bot

host81-149-233-202.in-addr.btopenworld.com Botnet DB Scanner

host81-150-215-121.in-addr.btopenworld.com Botnet DB Scanner

host86-145-54-69.range86-145.btcentralplus.com Bot / Compromised IP

host86-159-32-66.range86-159.btcentralplus.com Bot / Compromised IP

smtp.fosterplus.co.uk Botnet DB Scanner

host86-189-212-75.range86-189.btcentralplus.com Botnet DB Scanner

host165-120-169-238.range165-120.btcentralplus.com Vulnerability Scanner

host86-170-85-153.range86-170.btcentralplus.com Vulnerability Scanner

host81-133-216-92.in-addr.btopenworld.com Compromised IP

host81-157-234-90.range81-157.btcentralplus.com Emotet botnet controller

host81-140-228-253.range81-140.btcentralplus.com Vulnerability Scanner

host31-54-235-139.range31-54.btcentralplus.com Vulnerability Scanner

host86-153-14-36.range86-153.btcentralplus.com Vulnerability Scanner

host81-155-98-236.range81-155.btcentralplus.com Trojan Emotet

host86-148-254-37.range86-148.btcentralplus.com SSH Bot

host81-136-255-20.in-addr.btopenworld.com Compromised IP

host81-142-80-97.in-addr.btopenworld.com Compromised IP

host86-152-172-196.range86-152.btcentralplus.com Botnet DB Scanner

host81-157-66-50.range81-157.btcentralplus.com Trojan

host86-179-186-74.range86-179.btcentralplus.com Trojan

host5-80-68-84.in-addr.btcentralplus.com Trojan

host86-135-181-31.range86-135.btcentralplus.com Backdoor Berbew

host86-131-168-196.range86-131.btcentralplus.com Vulnerability Scanner

host86-148-87-73.range86-148.btcentralplus.com Trojan

host213-123-206-197.in-addr.btopenworld.com Trojan

host86-152-120-116.range86-152.btcentralplus.com Botnet DB Scanner

host81-129-192-250.range81-129.btcentralplus.com Compromised IP

host86-143-83-133.range86-143.btcentralplus.com Trojan

host81-147-115-159.range81-147.btcentralplus.com Compromised IP

host217-36-75-106.in-addr.btopenworld.com Trojan

host86-131-26-44.range86-131.btcentralplus.com Compromised IP

host81-134-82-82.range81-130.btcentralplus.com Trojan

host86-160-104-29.range86-160.btcentralplus.com Botnet DB Scanner

host81-141-62-66.in-addr.btcentralplus.com Trojan

host86-135-152-193.range86-135.btcentralplus.com Compromised IP

host81-156-16-147.range81-156.btcentralplus.com Compromised IP

host81-129-198-57.range81-129.btcentralplus.com Emotet botnet controller

host81-130-234-235.in-addr.btopenworld.com Compromised IP

host217-34-51-191.in-addr.btopenworld.com Trojan CoinMiner.BB!bit

host81-156-142-195.range81-156.btcentralplus.com Compromised IP

host81-133-142-45.in-addr.btopenworld.com Compromised IP

host81-136-146-213.in-addr.btopenworld.com Backdoor Linux Hajime

Sample U.K based malicious and fraudulent URLs known to have participated in malicious and fraudulent campaigns:

http://able-electrician.co.uk/pearson-revel/rep

http://annabphotography.co.uk/wp-includes/51/

http://blincpredict.co.uk/pm_ide/laravel/vendor

http://bms-guisborough.co.uk/leaked-usmle/INC/a

http://bms-guisborough.co.uk/wp-admin/nIdNw7fA/

http://catchpoolshetlands.co.uk/content/Pages/S

http://divergentcare.co.uk/wp-admin/LLC/0092551

http://dsfloats.co.uk/hayes-process/DOC/

http://entout.co.uk/wp-includes/wdh/

http://eternalbeauty.co.uk/cgi-bin/DOC/yas5e60a7/

http://fbase.co.uk/ALFA_DATA/lm/zAi1noAFpcQz19q

http://gardentransformations.co.uk/wp-admin/ln4

http://ihalesowen.co.uk/satta-matka/sites/DoPeZ

http://smartcourierexpress.co.uk/images/docs/si

http://support.servu.co.uk/behavior-goals/eTrac

http://thinkapply.co.uk/indexing/Overview/

http://thinkapply.co.uk/indexing/esp/Awwsr/

http://vapechaos.co.uk/wp-content/parts_service

http://violetsfloraldesigns.co.uk/0000765693-20

http://www.kentschool.co.uk/scgi-bin/invoice/

https://able-delivery.co.uk/test/Documentation/

https://alt-ltd.co.uk/docs/Documentation/onZ33q

https://bigrosbweb.co.uk/sample-letter/paclm/41

https://dsfloats.co.uk/hayes-process/DOC/

https://edwardscontracting.co.uk/test/eTrac/lza

https://hairbyjenniferx.co.uk/test/balance/zxuc

https://htequinetherapy.co.uk/test/H0QITEX/

https://jabberwockystudio.co.uk/wp/Documentatio

https://onetrepreneur.co.uk/test/gQX87a/

https://reallifehealthandfitness.co.uk/wp-conte

https://servu.co.uk/test/Reporting/LJKxaT/

https://sharifwahlaind.co.uk/wp-admin/400919527

https://smartcourierexpress.co.uk/images/docs/s

https://support.servu.co.uk/behavior-goals/eTra

https://susanjanetherapy.co.uk/test/parts_servi

https://tuneclick.co.uk/img/eBV/

https://whitemoors.co.uk/test/ydnOFG/

https://www.dogspad.co.uk/wp-includes/eTrac/ZAj

Sample U.K based Web sites known to have participated in malicious and fraudulent campaigns:

ricklambemusic.co.uk

osullivansremovals.co.uk

gospelcentral.co.uk

awservicesuk.co.uk

projectsolutionsinternational.co.uk

flawlessbydanielle.co.uk

integralpropertymaintenance.co.uk

grcollins.co.uk

adamhyland.co.uk

keysafeman.co.uk

fleetwoodvans.co.uk

robcooperchiropractor.co.uk

greenhill-action-group.co.uk

greenhillactiongroup.co.uk

source2save.co.uk

e4xxkqcdvt.zip

redstation.co.uk

deemproperty.co.uk

cheapbrakecalipers.co.uk

ohsewgorgeous.co.uk

angels-without-wings.co.uk

one2onedriving.co.uk

azureautomation.co.uk

krselectrical.co.uk

britiannia-worldwide.co.uk

chenabfoods.co.uk

jimrees.co.uk

cornetresearch.co.uk

handbag-heaven.co.uk

racinganalysis.co.uk

theabigailbloomcakecompany.co.uk

askaig.co.uk

eco-choice.co.uk

wmagri.co.uk

instarent.co.uk

adamdtmassage.co.uk

hitdaspot.co.uk

arkangelpetsitting.co.uk

mobilefueldoctor.co.uk

gmmfuelassist.co.uk

mobile-fueldrain.co.uk

trailevolution.co.uk

drummerscall.co.uk

britishvoices.co.uk

yikesjewellery.co.uk

tagmarket.co.uk

tagmakers-trade.co.uk

highfashionjewelry.co.uk

cheron.co.uk

philipshigh.co.uk

tagsforpets.co.uk

pmweddingsandevents.co.uk

jorowlingonline.co.uk

yaap.co.uk

silverduckdesigns.co.uk

bomoer.co.uk

cotonwear.co.uk

cpi-print.co.uk

srhomesandlettings.co.uk

aliff.co.uk

unit-security.co.uk

skiptondogwalker.co.uk

musicbloggery.co.uk

coachhire-oxford.co.uk

soultreewine.co.uk

seo-result.co.uk

replicavvatches.co.uk

melsdecor.co.uk

yourholidayguide.co.uk

rescuemission.co.uk

maxprofits.co.uk

confidentlook.co.uk

blinkro.co.uk

a-reality.co.uk

readtraining.co.uk

motulclassic.co.uk

keithpritchard.co.uk

bw-consorthotel.co.uk

uglytup.co.uk

hci-uk.co.uk

hostparty.co.uk

jkbeautyclinic.co.uk

maxprobe.co.uk

coachhire-miltonkeynes.co.uk

vetpro.co.uk

edwardmills.co.uk

pipspeakhypnotherapy.co.uk

builditexpress.co.uk

marylevens.co.uk

ptscompliance.co.uk

poor-boy.co.uk

websitehome.co.uk

visionsharp.co.uk

abernecessities.co.uk

ownatlast.co.uk

lowcostcoachhire.co.uk

rosemurphy.co.uk

iclenvironmental.co.uk

egfix4you.co.uk

usedcoffeemachinesshop.co.uk

beautyandcarelondon.co.uk

exceedit.co.uk

bingopinball.co.uk

trstabilisation.co.uk

benjamintalbot.co.uk

mgnit.co.uk

wholesaleusedbooks.co.uk

lordescapital.co.uk

Sample U.K based malicious and fraudulent web sites known to have participated in related campaigns:

http://able-electrician.co.uk/pearson-revel/rep

http://annabphotography.co.uk/wp-includes/51/

http://blincpredict.co.uk/pm_ide/laravel/vendor

http://bms-guisborough.co.uk/leaked-usmle/INC/a

http://bms-guisborough.co.uk/wp-admin/nIdNw7fA/

http://catchpoolshetlands.co.uk/content/Pages/S

http://divergentcare.co.uk/wp-admin/LLC/0092551

http://dsfloats.co.uk/hayes-process/DOC/

http://entout.co.uk/wp-includes/wdh/

http://eternalbeauty.co.uk/cgi-bin/DOC/yas5e60a7/

http://fbase.co.uk/ALFA_DATA/lm/zAi1noAFpcQz19q

http://gardentransformations.co.uk/wp-admin/ln4

http://ihalesowen.co.uk/satta-matka/sites/DoPeZ

http://smartcourierexpress.co.uk/images/docs/si

http://support.servu.co.uk/behavior-goals/eTrac

http://thinkapply.co.uk/indexing/Overview/

http://thinkapply.co.uk/indexing/esp/Awwsr/

http://vapechaos.co.uk/wp-content/parts_service

http://violetsfloraldesigns.co.uk/0000765693-20

http://www.kentschool.co.uk/scgi-bin/invoice/

https://able-delivery.co.uk/test/Documentation/

https://alt-ltd.co.uk/docs/Documentation/onZ33q

https://bigrosbweb.co.uk/sample-letter/paclm/41

https://dsfloats.co.uk/hayes-process/DOC/

https://edwardscontracting.co.uk/test/eTrac/lza

https://hairbyjenniferx.co.uk/test/balance/zxuc

https://htequinetherapy.co.uk/test/H0QITEX/

https://jabberwockystudio.co.uk/wp/Documentatio

https://onetrepreneur.co.uk/test/gQX87a/

https://reallifehealthandfitness.co.uk/wp-conte

https://servu.co.uk/test/Reporting/LJKxaT/

https://sharifwahlaind.co.uk/wp-admin/400919527

https://smartcourierexpress.co.uk/images/docs/s

https://support.servu.co.uk/behavior-goals/eTra

https://susanjanetherapy.co.uk/test/parts_servi

https://tuneclick.co.uk/img/eBV/

https://whitemoors.co.uk/test/ydnOFG/

https://www.dogspad.co.uk/wp-includes/eTrac/ZAj

Stay tuned!

Continue reading →