TROYANOSYVIRUS
Active ThreatMEDIUM

164.90.166.126

Country of Origin🇩🇪 Germany
First Detection4/18/2026
Last Activity4/26/2026
ISPDigitalOcean, LLC
🎯
149
Total Attacks
🔌
2
Ports
📡
2
Attack Types
🦠
0
Malware

Geolocation

Country
🇩🇪 Germany
City
Frankfurt am Main
ASN
AS14061
ISP
DigitalOcean, LLC

Attack Types

ssh_telnet_honeypot
tcp_trap

Attacked Ports

222222

Associated Malware

No associated malware

Attempted Credentials

🔐admin/admin
4x
🔐nil/(empty)
4x
🔐a/a
4x
🔐root/root
4x
🔐ubnt/ubnt
1x
🔐user/user
1x
🔐admin/password
1x
🔐admin/admin123
1x
🔐pi/raspberry
1x
🔐root/(empty)
1x
🔐pi/bananapi
1x
🔐root/admin
1x
🔐support/support
1x
🔐orangepi/orangepi
1x
🔐debian/temppwd
1x

Shodan InternetDB ExposureShodan

InternetDB data, not real-time

Ports
212225804455132222300054326667800988889090
Vulnerabilities
CVE-2019-11358CVE-2007-4723CVE-2017-15906CVE-2008-3844CVE-2026-35414CVE-2015-5352CVE-2012-0814CVE-2009-2299CVE-2013-4365CVE-2020-11022CVE-2016-10708CVE-2014-1692CVE-2015-9251CVE-2019-6111CVE-2007-2768CVE-2012-4001CVE-2023-51385CVE-2016-1908CVE-2013-0942CVE-2011-2688
CPEs
cpe:/a:openbsd:openssh:8.9p1cpe:/o:debian:debian_linuxcpe:/o:linux:linux_kernelcpe:/a:apache:http_server:2.4.66cpe:/a:jquery:jquery:2.2.4cpe:/a:f5:nginx:1.25.4cpe:/o:canonical:ubuntu_linuxcpe:/a:php:php:8.5.2cpe:/a:f5:nginx:1.29.2cpe:/a:openbsd:openssh:4.7p1cpe:/a:postgresql:postgresql:8.3cpe:/a:postfix:postfixcpe:/a:cloudflare:cloudflare

Risk Assessment

55
/100
LowMediumHighCritical