TROYANOSYVIRUS
Active ThreatMEDIUM

120.48.199.28

Country of Origin🇨🇳 China
First Detection3/13/2026
Last Activity4/1/2026
ISPBeijing Baidu Netcom Science and Technology Co., Ltd.
🎯
2,238
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
1
Malware

Geolocation

Country
🇨🇳 China
City
Beijing
ASN
AS38365
ISP
Beijing Baidu Netcom Science and Technology Co., Ltd.

Attack Types

ssh_telnet_honeypot

Attacked Ports

22

Associated Malware

2ca777fe970135f49c68...

Attempted Credentials

🔐oracle/123qwe
2x
🔐root/a123456A
2x
🔐developer/123456
2x
🔐elasticsearch/elasticsearch
2x
🔐mongodb/mongodb
2x
🔐root/4r3e2w1q
2x
🔐www/123456
2x
🔐nexus/nexus
2x
🔐centos/centos
2x
🔐rancher/rancher
2x
🔐mongo/123456
2x
🔐tomcat/tomcat
2x
🔐root/!Q2w3e4r
2x
🔐ts/ts
2x
🔐root/root@123
2x

Executed Commands

$uname -s -v -n -r-m2x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
2233066379
Vulnerabilities
CVE-2025-50100CVE-2025-50091CVE-2025-50086CVE-2025-50101CVE-2025-50085CVE-2025-50099CVE-2025-50079CVE-2025-50093CVE-2025-50098CVE-2025-50084CVE-2025-50094CVE-2025-50087CVE-2025-50104CVE-2025-50080CVE-2025-50081CVE-2025-50096CVE-2025-50078CVE-2025-50102CVE-2025-50077CVE-2025-50083
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:oracle:mysql:8.4.5cpe:/a:openbsd:openssh:9.6p1cpe:/a:redislabs:redis:8.0.3

Risk Assessment

55
/100
LowMediumHighCritical
IP 120.48.199.28 - Detected Threat | TroyanosYVirus.com | TroyanosYVirus.com