[nsp-sec] zbot 74.208.200.182

robert robert at servalens.com
Thu Mar 25 14:46:27 EDT 2010 

ACK for AS19262

all have been reported to abuse for notification

thanks!

Robert

Dirk Stander wrote:
> ----------- nsp-security Confidential --------
> 
> Hi Teams,
> 
> please find attached a list of ZeuS botnet drones which were connected to
> the c&c 74.208.200.182 (bestschoolloanconsolidation.com).  The timestamps
> are GMT+00 and the bot id contains the windows host name.
> 
>     kind regards, Dirk :.
> 
> -------------------------
> 

> 19262   | 151.204.246.161  | US | louis_pc_0001fef6 2010-03-01 22:22:59 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 173.78.37.30     | US | dell_laptop_00eff0ae 2010-02-24 16:57:28 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 70.16.43.131     | US | sherri_pc_000268a1 2010-03-08 19:34:39 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 71.127.142.172   | US | computer_1_00a116c5 2010-03-03 04:29:47 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 71.255.47.14     | US | dave_laptop_02fb4e3e 2010-03-05 23:10:05 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 71.98.13.51      | US | jgopal_pc_034571b6 2010-03-25 05:17:41 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 72.64.63.190     | US | lee_0064c146 2010-03-09 22:23:38 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 96.235.3.38      | US | michaellwood_pc_0003ccef 2010-03-25 00:12:10 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 96.240.93.246    | US | john_pc_000927bb 2010-02-22 15:19:22 | VZGNI-TRANSIT - Verizon Internet Services Inc.
> 19262   | 96.248.132.190   | US | user_d1cb247950_2fa51791 2010-02-22 13:28:12 | VZGNI-TRANSIT - Verizon Internet Services Inc.

> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>

More information about the nsp-security mailing list