TROYANOSYVIRUS
Active ThreatMEDIUM

119.198.229.152

Country of Origin🇰🇷 South Korea
First Detection4/7/2026
Last Activity4/28/2026
ISPKorea Telecom
🎯
56
Total Attacks
🔌
2
Ports
📡
2
Attack Types
🦠
1
Malware

Geolocation

Country
🇰🇷 South Korea
City
Busan
ASN
AS4766
ISP
Korea Telecom

Attack Types

ssh_telnet_honeypot
malware_capture

Attacked Ports

2122

Associated Malware

28ba533b0f3c4df63d6b...

Attempted Credentials

🔐administrator/Root123@minoxidil4you
1x
🔐minoxidil4you/P@ssword@123
1x
🔐admin/Minoxidil4you123!@#
1x
🔐root/Minoxidil4you.2026
1x
🔐root/Minoxidil4you2024$
1x
🔐root/minoxidil4you$1
1x
🔐root/!2026Minoxidil4you
1x
🔐minoxidil4you/P@ssw0rd2026
1x
🔐root/minoxidil4you2026@
1x
🔐root:Minoxidil4you.1/root:Minoxidil4you.1
1x
🔐root/$2024minoxidil4you
1x
🔐minoxidil4you/Minoxidil4you#2023
1x
🔐root/2024.Minoxidil4you
1x

Executed Commands

$uname -a1x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
53143443993
Vulnerabilities
CVE-2025-23419CVE-2023-44487
Hostnames
mail.shipstore.co.kr
CPEs
cpe:/a:f5:nginx:1.24.0cpe:/a:zabbix:zabbixcpe:/o:linux:linux_kernelcpe:/a:php:phpcpe:/o:canonical:ubuntu_linux

Risk Assessment

55
/100
LowMediumHighCritical