Zeus (also known as Zbot or wsnpoem), just gets in the category of fraudulent and malicious. This is basically a trojan designed to recruit PCs zombies and phishing attacks, financial institutions, banking, social networking sites, stealing data from email authentication, FTP accounts, etc., combining techniques of scripting, exploit, among others.
66.113.136.225 powelldirects.com/awstats/stat1/main .exe
79.135.179.180 anytimeshopforall.com/new_dir/ldr .exe
79.135.187.112 newprogress.info/tmp/ldr .exe
81.176.123.220 light-money.cn/files/ldr .exe
81.176.123.221 conexnet.cn/nuc/exe .php
91.207.117.174 4utraffic.info/tmp/ldr .exe
118.219.232.248 moqawama.co.cc/zv/cfg .bin
208.113.161.124 ebayhelp.co.il/4ebay/5e .txt
115.126.5.50 1.google-credit.cn/q83wi/ld46 .exe
124.217.242.80 custom4all.info/syst/grepko .exe
193.138.172.5 upd-windows-microsoft.cn/zv/ldr .exe
195.2.253.137 mega-3k.com/krot22/rege .exe
195.2.253.186 firebit32.com/mako22/43r .exe
195.55.174.140 www.provis.es/imagenes/menue .exe
201.235.253.22 www.elsanto-disco.com.ar/.z/zeus .exe
211.95.79.6 horobl.cn/dll/cr .txt213.205.40.169 www.saiprogetti.it/r .exe
216.246.91.49 d1gix.net/forum/load .exe
216.246.91.49 www.commerceonline-service.net/chat/cfg .ini
218.93.202.114 marketingsoluchion.biz/fkn/config .bin
218.93.205.242 cosmosi.ru/lsass .exe
220.196.59.18 infinitilancer.cn/forum/load .php?id=861&spl=7
220.196.59.18 nepaxek-domain.cn/stores/hello .world
220.196.59.18 nepaxek-domain.cn/stores/urko .exe
58.65.236.129 userzeus.com/zw/cfg .bin
58.65.236.129 verified09.com/ldr .exe
58.65.236.129 wcontact.cn/zsadmin/ldr .exe
58.65.237.153 arsofcaribion.com/lder/ldr .exe
67.210.124.90 academcity.com/ic/6e .txt
67.210.124.90 academcity.com/ic/6e .txt
68.180.151.74 emailsupports.com/Info .exe
68.180.151.74 emailsupports.com/z/setup .ini
68.180.151.74 mypage12.com/control/cfg .bin
72.167.232.78 powelldirects.com/awstats/usbtn/conf .sts
72.233.79.18 i-love-porno.com/z/ldr .exe
72.9.154.58 daimtraders.com/vateranery/imgpe .bin
74.86.115.14 arinina.com/cfg/ntdrv32 .exe
77.222.40.33 chixxxa.com/tru/ldr .exe
78.159.96.95 zonephp.com/us/us1 .exe
85.12.197.41 danacompany.ru/css/cs .bin
85.17.109.10 sjfdhw395t.com/newzz/cfg .bin
It's quite dangerous if we consider that in addition to the typical actions of the malware, can be obtained by any person to deposit a certain amount of money in the account of its creators.
Perhaps this is one of the best reasons to argue why the many variants of "Zeus" who are In-the-Wild wiles to recruit zombies looking for our systems. The truth is that, although not up to its name, is one of the largest botnet of the moment.
Even though this last feature is threatened by other "alternatives" of the world as a botnet Waledac, recent Adrenalin, or smaller (in magnitude) Asprox (also known as Danmec) really must be careful not to be victims of these threats are always looking to successfully carry out its mission: to get our money and computer resources.
Related information
Waledac more loving than ever Spanish version
Danmec Bot, Fast-Flux networks and recruitment of Zombies PCs Spanish version
# Jorge Mieres
No comments:
Post a Comment