Active Threat • MEDIUM

181.191.128.18

Country of Origin🇧🇷 Brazil

First Detection2/18/2026

Last Activity2/18/2026

ISPFABLINUXER CONNECT TELECOMUNICACOES

🎯

222

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇧🇷 Brazil
City: Natividade
ASN: AS266011
ISP: FABLINUXER CONNECT TELECOMUNICACOES

Attack Types

cowrie

Attacked Ports

Associated Malware

09a3e612f8cad1560057...→28720365c5e7476a011e...→28ba533b0f3c4df63d6b...→3851b5737b032963250f...→3f1f9a5db692d999bb3d...→

Attempted Credentials

🔐root/zxcvbn123

🔐dd/dd

🔐root/aabbcc

🔐nasrin/nasrin

🔐gitlab-runner/gitlab@123

🔐root/test123!

🔐root/Work@2025

🔐root/Abc123..

🔐kibana/kibana@123

🔐root/qaz123456!

🔐traefik/traefik

🔐root/Asdf123456

🔐dd/3245gs5662d34

🔐root/Wz123456!

🔐root/1qaz@WSX3e

Executed Commands

$Enter new UNIX password:2x

$echo "dd\nGphfyjzbWSdM\nGphfyjzbWSdM\n"|passwd1x

$whoami1x

$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'1x

$lscpu | grep Model1x

$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x

$uname -a1x

$cat /proc/cpuinfo | grep name | wc -l1x

$crontab -l1x

$cat /proc/cpuinfo | grep model | grep name | wc -l1x

Risk Assessment

/100

LowMediumHighCritical