Hall of Shame

「また、つまらぬ物を斬ってしまった...」

These are the email addresses and ID of PRC/China individuals that linked to malware (WindowsOS or Linux related malware) distribution, the information has been escalated to the IR workflow without any response from their region.

We keep the analysis report along with any malicious verdict, damage caused and victim report, of each listed individual in our archive and we intend to use them to escalate the cases further to the cyber crime handling purpose.

The list below is the minimum information that contains the address and utilized malware summary.

lldun@126.com     chinaz  "刘伦墩 (Liu Lun Tun)"
mallory888@qq.com billgates
280824888@qq.com  billgates
22222222@qq.com   billgates
130128628@qq.com  chinaz
2511916764@qq.com xor.ddos "蔡厚泉 (Cai Hou Sien/Quan)"
971560826@qq.com  xor.ddos
8379526@qq.com    chinaz
564691478@qq.com  chinaz coder "Junfeng Zhang"
512778361@qq.com  billgates
zhucegodaddy@126.com billgates
hackking@126.com  DESdownloader elf
ppyy@astpbx.com   xor.ddos billgates elknot - ddns hoster
2393583645@qq.com win32/potukorp.a
mimidi@126.com    flystudio
ddddddd@ss.com    billgates
Ko.John@gmail.com mrblack elknot billgates
2518021049@qq.com hackteam exploit copypaster win panel malware
1940666388@qq.com billgates 
sushaozong@qq88.com billgates
bm18801463268@163.com ssh backconnect & servstart
88032225@qq.com   mrblack billgates brute
873555@qq.com     mrblack billgates brute
664035800@qq.com  billgates elknot "Xiao Dan" at cnc: linux.xinhuamei.net
hl862613@gmail.com chinaz "Zhang San" cnc: m.hongyimeinv.com|199.83.94.136
1043898868@qq.com billgates cnc 51sf176.com|180.97.215.131
scancesi@163.com  GoARMBot Chinaz hosts: appdown.keyipin.com wwjj.keyipin,com (panel) & *.28zst.cn (cnc)
23362464@qq.com   GoARMBot Chinaz hosts: scjdzy.com.cn (attacker) & lkwz.f3322.org (cnc)
664035800@qq.com  billgates (linux.) xinhuamei.net
1940666388@qq.com billgates mdb7,cn:8081/exp 
hihayi@qq.com     mrblack rivow,com/sysdate.zip 
x5zs@vip.qq.com   x5zs.com CVE-2015-1427 attacker
x5yin@hotmail.com x5yin.com CVE-2015-1427 attacker
lihui@ads8.com    xcy8.com CVE-2015-1427 attacker
531101669@qq.com zhimingge.in CVE-2015-1427 attacker
chenqwe@126.com   myzwqwe12.com CVE-2015-1427 attacker
603486457@qq.com  billgates okm918.com CVE-2015-1427 attacker
1556767987@qq.com xor,ddos mdb7.cn:8081/exp 45.34.1.254:8080/
taosfa@hotmail.com chinaz gm352.com
liangzai2006@gmail.com xy.weimiii.com goarm chinaz
2900570290@qq.com chinaz bin:7eb38aaa8ccaa8ffa0f25c19cce02d7a
wuhao8758@163.com chinaz linux.alshw.com
1043898868@qq.com billgates CNC 51sf176.com/180.97.215.131 http://imgur.com/a/7LcuS
2893741234@163.com xiang tao of chengdu, sichuan - billgates CNC 9528udp.23moyu.com 21353b9183c3a51bd41389d74a56189c
yumingchushou5@126.com  goarm chinaz sh-shengqi.cn a7fe5ba06aa89fcec0519b54d85961ea
413774622@qq.com chinaz aiseai.com linux.sexygame.info 3cff6eaca5ee30ba90a0057a01f97f9b
wu_qing001@163.com xorddos billgates 300uc.com nsX.mb555.com 
vip77391396@126.com chinaz bywyn.com 9f4d34449e243dfe023ea01e93da22a3
924679564@qq.com chinaz billgates hackwyn.top a479232948d18712ec833159ec4065b7
1498699897@qq.com aesddos ys-k.ys168.com f2e66c910eb82d89921fec9e6607ec4e
fsfsok888@163.com pay.wowoinn.com billgates+xorddos(root ver) 8b68168778df50cc2390678bc1744a32 6c7dbfcef9364588a0afd8d1a1eab82f
dt088881@126.com xorddos navicatadvvr.com (new ver/non-root) 5602159b146889a8d8f73317cd07c88c
50699341@qq.com goarm-bot mmmm.920xz.com 115.239.248.50 7af8b102d538755ab91ae4fbceab71b3
4592248@qq.com 4592248@gmail.com SystemTen/Rocke/Kerberods https://old.reddit.com/r/LinuxMalware/comments/bfaea2/fun_in_dissecting_lsd_packer_elf_golang_miner/

No comments:

Post a Comment