Active Threat • MEDIUM

91.218.66.160

Country of Origin🇩🇪 Germany

First Detection1/14/2026

Last Activity1/14/2026

ISPSYNLINQ

🎯

218

Total Attacks

🔌

Ports

📡

Attack Types

🦠

Malware

Geolocation

Country: 🇩🇪 Germany
City: Unknown
ASN: AS44486
ISP: SYNLINQ

Attack Types

cowrie

Attacked Ports

Associated Malware

3f1f9a5db692d999bb3d...→ab1fb68311b4d2a71812...→d1cce7414704698abd34...→cc1eb03e9b5926d8076e...→64426356ffcabc3671e5...→

Attempted Credentials

🔐frappe/Password123

🔐rstudio/rstudio@123

🔐munin/12345678

🔐chef/chef

🔐system/12345678

🔐backupuser/backupuser2026

🔐nobody/Password@123

🔐linksys/P@ssw0rd@123

🔐luis/Password123

🔐vpnuser/P@ssw0rd123

🔐lighttpd/lighttpd2025!

🔐superuser/password

🔐User2/P@ssw0rd@123

🔐uniview/password

🔐munin/P@ssw0rd@123

Executed Commands

$lscpu | grep Model1x

$ls -lh $(which ls)1x

$echo "123\n9D0snANM8KYj\n9D0snANM8KYj\n"|passwd1x

$cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'1x

$Enter new UNIX password: 1x

$uname -a1x

$w1x

$cat /proc/cpuinfo | grep name | wc -l1x

$crontab -l1x

$cat /proc/cpuinfo | grep model | grep name | wc -l1x

Risk Assessment

/100

LowMediumHighCritical