Active Threat • LOW
220.76.68.23
🎯
34
Total Attacks
🔌
1
Ports
📡
1
Attack Types
🦠
9
Malware
Geolocation
- Country
- 🇰🇷 South Korea
- City
- Songpa-gu
- ASN
- AS4766
- ISP
- Korea Telecom
Attack Types
ssh_telnet_honeypot
Attacked Ports
22
Associated Malware
Attempted Credentials
🔐root/root
1x🔐root/admin
1xExecuted Commands
$
/ip cloud print2x$
uname -a1x$
ls -la ~/.local/share/TelegramDesktop/tdata /home/*/.local/share/TelegramDesktop/tdata /dev/ttyGSM* /dev/ttyUSB-mod* /var/spool/sms/* /var/log/smsd.log /etc/smsd.conf* /usr/bin/qmuxd /var/qmux_connect_socket /etc/config/simman /dev/modem* /var/config/sms/*1x$
ifconfig1x$
ps | grep '[Mm]iner'1x$
ps -ef | grep '[Mm]iner'1x$
echo Hi | cat -n1x$
locate D877F783D5D3EF8Cs1x$
cat /proc/cpuinfo1xShodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
12318834369567215672
Vulnerabilities
CVE-2012-6708CVE-2021-22116CVE-2023-46118CVE-2020-7656CVE-2015-9251CVE-2021-32719CVE-2021-32718CVE-2020-11023CVE-2020-11022CVE-2022-31008CVE-2019-11358
CPEs
cpe:/a:ntp:ntp:3cpe:/a:vmware:rabbitmq:3.5.7cpe:/a:mochiweb_project:mochiweb:1.0cpe:/a:jquery:jquery:1.6.4
Risk Assessment
35
/100
LowMediumHighCritical