TROYANOSYVIRUS
Active ThreatMEDIUM

104.248.161.154

Country of Origin🇬🇧 United Kingdom
First Detection4/6/2026
Last Activity4/11/2026
ISPDigitalOcean, LLC
🎯
88
Total Attacks
🔌
4
Ports
📡
2
Attack Types
🦠
1
Malware

Geolocation

Country
🇬🇧 United Kingdom
City
Slough
ASN
AS14061
ISP
DigitalOcean, LLC

Attack Types

ssh_telnet_honeypot
tcp_trap

Attacked Ports

222237522921222

Associated Malware

8c9e4a87d09c3a51d019...

Attempted Credentials

🔐root/abc123..
1x
🔐root/hacker123
1x
🔐root/protect
1x
🔐root/mysql123
1x
🔐root/private123
1x
🔐root/SANDBOX
1x
🔐root/!QAZ@WSX3edc
1x
🔐root/abc123
1x
🔐root/777777
1x
🔐root/Admin@2025
1x
🔐root/1qaz2wsx3edc
1x

Executed Commands

$df -h | head -51x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
5000
Vulnerabilities
CVE-2024-6232CVE-2009-2940CVE-2021-32052CVE-2020-29396CVE-2025-13836CVE-2025-12781CVE-2025-13837CVE-2024-9287CVE-2023-27043CVE-2024-7592CVE-2025-12084CVE-2009-3720
CPEs
cpe:/a:palletsprojects:flask:3.1.5cpe:/a:python:python:3.12.3

Risk Assessment

57
/100
LowMediumHighCritical