Active Threat • HIGH

115.91.48.142

Country of Origin🇰🇷 South Korea

First Detection2/21/2026

Last Activity3/31/2026

ISPLG DACOM Corporation

🎯

1,206

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇰🇷 South Korea
City: Anyang-si
ASN: AS3786
ISP: LG DACOM Corporation

Attack Types

ssh_telnet_honeypot

Attacked Ports

Associated Malware

01ba4719c80b6fe911b0...→073965f44d7271941273...→09a3e612f8cad1560057...→2063cb30badaa535a413...→26c6e0a6ea26e82f95ec...→

Attempted Credentials

🔐345gs5662d34/345gs5662d34

🔐root/3245gs5662d34

🔐transfer/transfer@123

🔐simeon/Simeon123!

🔐root/Mexico2026

🔐vagrant/12345

🔐sabrina/sabrina

🔐minikube/minikubeminikube

🔐arma3server/arma3server123

🔐panel/Panel123!

🔐luis/1234

🔐root/111222333

🔐root/321321

🔐xx/xxxx

🔐root/@root1234

Executed Commands

$Enter new UNIX password:11x

$lockr -ia .ssh9x

$cat /proc/cpuinfo | grep model | grep name | wc -l9x

$ls -lh $(which ls)9x

$df -h | head -n 2 | awk 'FNR == 2 {print $2;}'9x

$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'9x

$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'9x

$whoami9x

$uname -m9x

$lscpu | grep Model8x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Risk Assessment

/100

LowMediumHighCritical