Active Threat • HIGH
102.89.17.238
Country of Origin🇳🇬 Nigeria
First Detection4/4/2026
Last Activity4/23/2026
ISPMTN NIGERIA Communication limited
🎯
354
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
21
Malware
Geolocation
- Country
- 🇳🇬 Nigeria
- City
- Lagos
- ASN
- AS29465
- ISP
- MTN NIGERIA Communication limited
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐345gs5662d34/345gs5662d34
2x🔐sammy/sammy!2025
1x🔐root/AAcc1234
1x🔐root/Qazwsx123123@@
1x🔐root/Welcome@2025
1x🔐ubuntu/A123456789J
1x🔐steam/steam04!
1x🔐root/qwerty123456-
1x🔐root/3edc!@
1x🔐minikube/123
1x🔐liang/123456
1x🔐postgres/Postgres29!
1x🔐mininet/mininet
1x🔐root/Kk123456@
1x🔐root/qazwsx654321@@
1xExecuted Commands
$
Enter new UNIX password:4x$
ls -lh $(which ls)2x$
cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'2x$
uname -a2x$
w2x$
cat /proc/cpuinfo | grep name | wc -l2x$
crontab -l2x$
cat /proc/cpuinfo | grep model | grep name | wc -l2x$
which ls2x$
lscpu | grep Model2xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
16144344522000
Vulnerabilities
CVE-2020-0796
Hostnames
gateway.oauife.edu.ng
CPEs
cpe:/o:linux:linux_kernel
Risk Assessment
65
/100
LowMediumHighCritical