TROYANOSYVIRUS
Active Threat β€’ CRITICAL

159.223.38.78

First Detection4/9/2026
Last Activity4/9/2026
ISPDigitalOcean, LLC
🎯
159
Total Attacks
πŸ”Œ
27
Ports
πŸ“‘
7
Attack Types
🦠
1
Malware

Geolocation

Country
πŸ‡ΈπŸ‡¬ Singapore
City
Singapore
ASN
AS14061
ISP
DigitalOcean, LLC

Attack Types

ssh_telnet_honeypot
printer_honeypot
smtp_honeypot
elasticsearch_honeypot
malware_capture
ics_scada_honeypot
tcp_trap

Attacked Ports

21222325631170018831911208724043306330740245984638071707434754780209200+7

Associated Malware

cd9d3bc41cf98f3409c2...β†’

Attempted Credentials

πŸ”GET / HTTP/1.1/Host: 15.235.184.72:23
1x
πŸ”*1/$4
1x
πŸ”User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36/Accept: */*
1x
πŸ”Accept-Encoding: gzip/(empty)
1x

Executed Commands

$PING2x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
2280443326950005435808084431000010911
Vulnerabilities
CVE-2021-3618CVE-2021-23017CVE-2023-44487CVE-2025-23419
Hostnames
www.linejet.netadmin.linejet.net
CPEs
cpe:/o:linux:linux_kernelcpe:/a:openbsd:openssh:8.9p1cpe:/o:canonical:ubuntu_linuxcpe:/a:f5:nginx:1.18.0

Risk Assessment

80
/100
LowMediumHighCritical