all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ransomware group sites leaking info via error/404/misc. pages

Add to bookmarks
June 7, 2023, 9:57 p.m. | /u/DrinkMoreCodeMore

Malware Analysis & Reports www.reddit.com

Just an interesting observation. Not really interesting in and of itself but still revealing more info than they should be. Not a full list of all groups, just some of the ones I randomly looked at today.

hxxp://wkrlpub5k52rjigwxfm6m7ogid55kamgc5azxlq7zjgaopv33tgx2sqd[.]onion/adsfasdf/

>nginx/1.14.0 (Ubuntu)

hxxp://kbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad[.]onion/uploads/

>Apache/2.4.55 (Ubuntu) Server at kbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad[.]onion Port 8080

hxxp://bl4cktorpms2gybrcyt52aakcxt6yn37byb65uama5cimhifcscnqkid[.]onion/0x00/index.html

>LiteSpeed Server at bl4cktorpms2gybrcyt52aakcxt6yn37byb65uama5cimhifcscnqkid[.]onion Port 80

hxxps://bastad5huzwkepdixedg2gekg7jk22ato24zyllp6lnjx7wdtyctgvyd[.]onion/uploads

>nginx/1.18.0

hxxp://p66slxmtum2ox4jpayco6ai3qfehd5urgrs4oximjzklxcol264driqd[.]onion/asdfasdf

>nginx/1.18.0

hxxp://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad[.]onion/author/h6g5f4df6g7hhyg/

>WordPress (lol) the admin username is `h6g5f4df6g7hhyg` -> hxxp://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad[.]onion/wp-admin

>Server: Apache/2.4.38 (Win32) PHP/5.6.40

>X-Powered-By: PHP/5.6.40

hxxp://malas2urovbyyavjzaezkt5ohljvyd5lt7vv7mnsgbf2y4bwlh72doqd[.]onion/robots.txt


>Sitemap: hxxps://ronaldsvilcins[.]com/sitemap.xml HRMMMMMMMMMMMMMMM 🤔

apache error html info list malware misc nginx onion port ransomware ransomware group server ubuntu

Visit resource

More from www.reddit.com / Malware Analysis & Reports

Phising opensea 6 days, 12 hours ago | www.reddit.com
mail malware opensea phishing +1
Understanding How CVEProject/cvelistV5 Works 1 week, 1 day ago | www.reddit.com
api cve cves etc +18
[Video] Triaging Files on VirusTotal 1 week, 6 days ago | www.reddit.com
files malware video virustotal
Need recommendations for Premium Tools 1 week, 6 days ago | www.reddit.com
analysis atm budget can +12
Are hidden incoming SMS common for C&C? 2 weeks, 2 days ago | www.reddit.com
account android android malware carrier +12
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 2 weeks, 2 days ago | www.reddit.com
attackers clusters critical exploiting +5
A Powerful tracing engine based on Qemu 2 weeks, 6 days ago | www.reddit.com
binary called can case +20
[Fixed] Coding The Rat King: A Multi-Family Malware Configuration Parser 3 weeks ago | www.reddit.com
code coding configuration family +5
Dynamic Malware Analysis of Konni RAT Malware APT37 With Any.Run 3 weeks, 6 days ago | www.reddit.com
advanced amp analysis any.run +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604
View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö
View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963
View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000
View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto
View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com
View more jobs