Sponsored by..

Showing posts with label SpyEye. Show all posts
Showing posts with label SpyEye. Show all posts

Thursday 6 October 2011

Something evil on 194.219.29.139

There's something evil on 194.219.29.139 [Forthnet SA, Athens], in this case it appears to related to the SpyEye trojan. In particular, a lot of traffic seems to be going to ce.ms sites, searching your logs for references to ce.ms/main.php might prove fruitful.

All these following sites are malicious:

2fdf2asolhost.cx.cc
3lshegijlsjelsf.ce.ms
3rdkjhgtuhryt67.ce.ms
75pe.be.ma
aficaekooy.qpoe.com
anupadwxst.x24hr.com
arumakhbyu.ygto.com
asgdfsewsd.co.cc
ashlpdfsqf.qpoe.com
avddhzvg.instanthq.com
bestdatastore1.com
bprvnnpqyc.ygto.com
bqafbink.cx.cc
calnlwwofb.yourtrap.com
cgadrhvi.qpoe.com
clothingbusinessstore.info
clothingforyoushop.info
clothingtraffic.info
convenientpayment.info
covgeokzq.instanthq.com
crowpe.servepics.com
cxjigz.my03.com
databusinessone.com
datamallone.com
datamarketone.com
dataoutletone.com
datashopone.com
datashowroomone.com
data-store-1.com
datastore1blog.com
datastore1online.com
datastore1s.com
datastore1shop.com
datastore1site.com
datastore1store.com
datastoreone.com
dhdhdhjh54hh.co.cc
djdqexcw.isasecret.com
dloqfgcio.mefound.com
dpqriw.isasecret.com
dqxylh.my03.com
dttnablz.qpoe.com
ecebvi.my03.com
ednmzirslh.ygto.com
entrari.com
eoxsme.isasecret.com
euvhdowvp.instanthq.com
ewxdemz.isasecret.com
exdlyy.qpoe.com
ezhwsc.yourtrap.com
faduwav.freetcp.com
fipvbsttod.qpoe.com
flytrpp.mefound.com
fmafyj.ygto.com
fokhebfjfh.ygto.com
fqyfbigboi.x24hr.com
freedatastore1.com
free-download-therandomslovo.info
funezgmxl.my03.com
gaagvay.yourtrap.com
gchiebsojm.x24hr.com
gdoyvgieb.qpoe.com
georhur.fartit.com
gjxpgxg.ygto.com
gkgfmca.freetcp.com
gkkdgqfmy.instanthq.com
glyluf.mefound.com
gnmtls.instanthq.com
gtxxczmsb.isasecret.com
gxpeah.isasecret.com
gzadbqwc.my03.com
hbsopvyj.mefound.com
hellomyfriends67.com
hqxrukctww.instanthq.com
hsjhbqto.yourtrap.com
hspeqss.ygto.com
ifkeqj.freetcp.com
ihpvfu.yourtrap.com
ilqwzsqq.my03.com
informationstore1.com
informationstoreone.com
infostoreone.com
irqokfb.yourtrap.com
ivdtqmm.freetcp.com
jbnyvv.fartit.com
jdqcacl.ygto.com
jfdbdh.yourtrap.com
jfexczhud.freetcp.com
jiwxii.x24hr.com
jjqumfo.yourtrap.com
jkfyoik.qpoe.com
jntvkefj.ygto.com
jpxaxin.ygto.com
jtimtp.isasecret.com
kavlnhld.qpoe.com
kntvftiy.fartit.com
kssldi.my03.com
kstxdc.fartit.com
kucbmkpeth.qpoe.com
kumtbzg.freetcp.com
kvsxvfhgd.freetcp.com
kweghfjkgejfrwerjkasdfpo.ce.ms
lagotgdf.yourtrap.com
leemask.in
lenxwlkwn.x24hr.com
lgufpaq.isasecret.com
lhoefbmqpm.my03.com
ljutyucawp.my03.com
lmraufougs.x24hr.com
lqpara.freetcp.com
mahqgq.mefound.com
mail.byteworks.gr
mail.pcc.com.gr
mail.pcchellas.gr
mggzpjujp.my03.com
miwpcp.instanthq.com
mkktnracrl.freetcp.com
mklesklo.x24hr.com
mohlvpn.yourtrap.com
mydatastore1.com
mzxvdj.ygto.com
nacha-onlinereports.com
nerocambodia-megafakahero.org
newdatastore1.com
newthelargestsize.info
nlq1.cx.cc
nlq2.cx.cc
nlq3.cx.cc
nluyaupv.mefound.com
nshyxr.mefound.com
nslvpounp.instanthq.com
nzlprarwhe.yourtrap.com
obalhtwnni.ygto.com
obeaejh.fartit.com
obnihfya.qpoe.com
oisgrqyfbd.yourtrap.com
omrzzn.freetcp.com
onronmx.cx.cc
oodklht.mefound.com
oprwbnwneg.mefound.com
otgnzxhnr.my03.com
pfgphuwrog.yourtrap.com
pleasekindlyuse.com
pmchvicoe.qpoe.com
pnarfrkph.x24hr.com
psilzbwaoj.x24hr.com
qagcqzz.isasecret.com
qdcunen.mefound.com
qeexwxol.instanthq.com
qerfhgkadhsfukhertgrpotgjpoidfg.ce.ms
qerfyhufghasdfvyugeqrtrgpoi.ce.ms
qibmjf.x24hr.com
qorohel.yourtrap.com
qpwnbrxqwv.ygto.com
quickandeasypayment.com
qyldimwv.instanthq.com
qyrcrqd.isasecret.com
rcelrfitq.yourtrap.com
rdumycvvac.instanthq.com
rgrdpxd.instanthq.com
rgstvqjazj.ygto.com
rivehq.cx.cc
rncqdqqflz.instanthq.com
rphhsr.freetcp.com
rvqulvz.instanthq.com
searchengine-8.co.cc
sjwzptjmzs.ygto.com
spkusrqst.isasecret.com
tbpwhmo.instanthq.com
thedatastore1.com
thesmallestextent.info
thmofp.isasecret.com
tijymwgz.ygto.com
tlikndvz.my03.com
tnnlip.fartit.com
tohkdecuz.my03.com
tqurhuysr.freetcp.com
tqykpgzz.freetcp.com
tyfnjdyz.freetcp.com
uajvdsz.x24hr.com
uaziensc.isasecret.com
udtogltty.my03.com
ukrnfo.mefound.com
uqeotsfdy.yourtrap.com
us-creditsecurity.com
uwpozd.fartit.com
vedsxpph.isasecret.com
vlktxk.yourtrap.com
vvbuecbh.yourtrap.com
vxhwkdjli.mefound.com
vzubdvp.x24hr.com
wewnpmee.qpoe.com
wiigzu.instanthq.com
wmvutsa.mefound.com
wnaqyhxxjt.isasecret.com
wwpeacethroughmoderation.cx.cc
wwwapp-ups.net
wwwapp-ups.org
wztmhm.fartit.com
xapxtgkdf.x24hr.com
xezzktfzc.ygto.com
xhqkercj.yourtrap.com
xkvawo.x24hr.com
xndlgcthsf.x24hr.com
xngwbvt.isasecret.com
xqjgutso.qpoe.com
xxotjjgaqp.instanthq.com
yaktijc.instanthq.com
ycmylomyi.yourtrap.com
yfsicntu.my03.com
ygtrejyadk.qpoe.com
yoyljwmmw.qpoe.com
yvzhxbs.yourtrap.com
ywkxvgt.ygto.com
yxghgxfx.isasecret.com
yxhuzn.instanthq.com
zmlrikykf.ygto.com
zngbeeidwd.x24hr.com
zshogenmd.qpoe.com
ztgdtmz.qpoe.com