These are the email addresses and ID of PRC/China individuals that linked to malware (WindowsOS or Linux related malware) distribution, the information has been escalated to the IR workflow without any response from their region.
We keep the analysis report along with any malicious verdict, damage caused and victim report, of each listed individual in our archive and we intend to use them to escalate the cases further to the cyber crime handling purpose.
The list below is the minimum information that contains the address and utilized malware summary.
lldun@126.com chinaz "刘伦墩 (Liu Lun Tun)" mallory888@qq.com billgates 280824888@qq.com billgates 22222222@qq.com billgates 130128628@qq.com chinaz 2511916764@qq.com xor.ddos "蔡厚泉 (Cai Hou Sien/Quan)" 971560826@qq.com xor.ddos 8379526@qq.com chinaz 564691478@qq.com chinaz coder "Junfeng Zhang" 512778361@qq.com billgates zhucegodaddy@126.com billgates hackking@126.com DESdownloader elf ppyy@astpbx.com xor.ddos billgates elknot - ddns hoster 2393583645@qq.com win32/potukorp.a mimidi@126.com flystudio ddddddd@ss.com billgates Ko.John@gmail.com mrblack elknot billgates 2518021049@qq.com hackteam exploit copypaster win panel malware 1940666388@qq.com billgates sushaozong@qq88.com billgates bm18801463268@163.com ssh backconnect & servstart 88032225@qq.com mrblack billgates brute 873555@qq.com mrblack billgates brute 664035800@qq.com billgates elknot "Xiao Dan" at cnc: linux.xinhuamei.net hl862613@gmail.com chinaz "Zhang San" cnc: m.hongyimeinv.com|199.83.94.136 1043898868@qq.com billgates cnc 51sf176.com|180.97.215.131 scancesi@163.com GoARMBot Chinaz hosts: appdown.keyipin.com wwjj.keyipin,com (panel) & *.28zst.cn (cnc) 23362464@qq.com GoARMBot Chinaz hosts: scjdzy.com.cn (attacker) & lkwz.f3322.org (cnc) 664035800@qq.com billgates (linux.) xinhuamei.net 1940666388@qq.com billgates mdb7,cn:8081/exp hihayi@qq.com mrblack rivow,com/sysdate.zip x5zs@vip.qq.com x5zs.com CVE-2015-1427 attacker x5yin@hotmail.com x5yin.com CVE-2015-1427 attacker lihui@ads8.com xcy8.com CVE-2015-1427 attacker 531101669@qq.com zhimingge.in CVE-2015-1427 attacker chenqwe@126.com myzwqwe12.com CVE-2015-1427 attacker 603486457@qq.com billgates okm918.com CVE-2015-1427 attacker 1556767987@qq.com xor,ddos mdb7.cn:8081/exp 45.34.1.254:8080/ taosfa@hotmail.com chinaz gm352.com liangzai2006@gmail.com xy.weimiii.com goarm chinaz 2900570290@qq.com chinaz bin:7eb38aaa8ccaa8ffa0f25c19cce02d7a wuhao8758@163.com chinaz linux.alshw.com 1043898868@qq.com billgates CNC 51sf176.com/180.97.215.131 http://imgur.com/a/7LcuS 2893741234@163.com xiang tao of chengdu, sichuan - billgates CNC 9528udp.23moyu.com 21353b9183c3a51bd41389d74a56189c yumingchushou5@126.com goarm chinaz sh-shengqi.cn a7fe5ba06aa89fcec0519b54d85961ea 413774622@qq.com chinaz aiseai.com linux.sexygame.info 3cff6eaca5ee30ba90a0057a01f97f9b wu_qing001@163.com xorddos billgates 300uc.com nsX.mb555.com vip77391396@126.com chinaz bywyn.com 9f4d34449e243dfe023ea01e93da22a3 924679564@qq.com chinaz billgates hackwyn.top a479232948d18712ec833159ec4065b7 1498699897@qq.com aesddos ys-k.ys168.com f2e66c910eb82d89921fec9e6607ec4e fsfsok888@163.com pay.wowoinn.com billgates+xorddos(root ver) 8b68168778df50cc2390678bc1744a32 6c7dbfcef9364588a0afd8d1a1eab82f dt088881@126.com xorddos navicatadvvr.com (new ver/non-root) 5602159b146889a8d8f73317cd07c88c 50699341@qq.com goarm-bot mmmm.920xz.com 115.239.248.50 7af8b102d538755ab91ae4fbceab71b3 4592248@qq.com 4592248@gmail.com SystemTen/Rocke/Kerberods https://old.reddit.com/r/LinuxMalware/comments/bfaea2/fun_in_dissecting_lsd_packer_elf_golang_miner/
