Bitcoin Forum

Other => Off-topic => Topic started by: MarKusRomanus on May 06, 2013, 03:59:06 AM


Title: DDOS botnet ip address list attacking pools and exchanges today
Post by: MarKusRomanus on May 06, 2013, 03:59:06 AM
Heres a list of ip addresses that are part of a large DDOS botnet being used to attack various cryptocurrency pools and exchanges (and maybe this forum)  Help look thenm up and report to the ip owner the violation and watch this net go bye bye,  With a little luck, the admin behind this is not smart or in a country where he/she will be caught and face criminal charges:

Code:
200.111.157.242
66.63.183.247
218.45.21.113  - ns1.chikkun.com (japan)
107.23.195.162 - ec2-107-23-195-162.compute-1.amazonaws.com   !!! reported 
63.143.77.170  - rgd.gov.jm
140.113.69.166 - 140-113-69-166.dorm9.nctu.edu.tw
203.144.255.77
72.249.45.224
195.78.94.35
5.8.180.188
195.42.115.253
60.251.183.182
5.8.180.209
130.226.236.31
54.245.129.24
149.241.163.119
5.8.180.209
61.78.62.170
124.127.204.32
46.37.12.71
78.47.218.152
83.14.21.246
88.164.47.174
218.45.21.113
66.189.0.105
202.70.48.78
61.62.77.74
46.146.230.16
50.18.133.251
195.182.70.18
85.62.154.98
213.46.228.219
62.179.104.204
202.188.1.9
50.10.19.104
114.35.196.189
203.172.174.206
31.222.133.87
222.243.249.64
221.172.214.173
222.243.245.127
103.22.182.154
103.22.183.84
83.18.155.78
42.121.54.141
42.121.55.108
190.211.140.43
77.235.173.208
103.22.183.110
103.13.29.162
122.248.255.149
54.248.222.106
218.32.91.229
184.107.176.2
66.30.136.126
206.108.54.218
69.94.14.95
71.6.158.61
8.25.218.44
203.106.62.146
85.214.63.71
42.121.29.5
183.106.145.72
85.202.36.154
85.182.147.154
190.145.24.35
89.174.169.5
208.115.203.58
5.9.99.42
166.78.250.200
217.16.179.140
78.129.218.110
174.140.166.134
166.78.25.206
92.46.55.70
166.78.11.107
115.236.22.249
200.32.2.164
199.168.136.229
80.242.213.130
107.23.156.154
199.168.187.28
107.6.102.138
198.20.224.23
115.236.22.250
95.211.76.12
110.234.180.88
192.157.242.129
166.78.16.241
200.252.185.231
159.226.37.68
213.152.181.52
15.185.163.95
166.78.158.134
186.5.81.186
66.212.124.130
95.170.88.11
208.68.36.68
15.185.233.252
121.210.32.165
115.115.75.157
118.45.190.171
190.2.32.177
94.23.147.236
186.202.166.110
186.5.109.202
202.180.221.188
42.121.12.59
87.28.178.50
177.103.137.29
46.51.186.131
54.235.116.96
58.120.227.222
77.59.199.130
118.163.23.187
81.33.29.251
105.236.139.163
81.22.183.251
42.121.110.68
24.5.84.63
177.103.134.75
109.170.222.27
186.215.112.213
42.121.106.113
42.121.31.175
54.235.163.56
72.44.5.143
46.19.140.38
64.247.134.200
217.217.205.117
184.72.130.24
200.32.178.228
216.201.233.34
203.190.0.25
210.13.77.66
46.105.104.25
103.10.55.182
206.220.172.82
211.115.70.161
222.231.1.202
5.152.204.218
193.140.1.61
140.114.53.52
203.113.120.187
66.132.132.166
204.13.4.186
74.94.48.117
69.163.45.118
202.143.162.149
140.114.51.130
74.9.245.39
203.189.137.58
140.125.170.115
37.34.48.181
107.20.158.132
54.243.226.76
54.247.87.64
14.47.166.178
223.4.157.148
42.96.143.98
118.192.46.27
54.235.112.193
74.63.218.10
190.196.130.10
208.115.192.78

Title: Re: DDOS botnet ip address list attacking pools and exchanges today
Post by: mem on May 06, 2013, 04:06:52 AM
Is this list verified ? last thing we need to be doing is attacking innocent people in all of this.

Title: Re: DDOS botnet ip address list attacking pools and exchanges today
Post by: MarKusRomanus on May 06, 2013, 04:10:36 AM
Quote from: mem on May 06, 2013, 04:06:52 AM
Is this list verified ? last thing we need to be doing is attacking innocent people in all of this.

Trust me.. ive been watching them all day.. want packet logs?  itd take a while ..

Title: Re: DDOS botnet ip address list attacking pools and exchanges today
Post by: MarKusRomanus on May 06, 2013, 04:16:40 AM
I'd be happy to provide packet logs for the attack i've saved as .cap files for some of the ip addresses to anyone with any ability to do anything worthwhile about it.

Title: Re: DDOS botnet ip address list attacking pools and exchanges today
Post by: MarKusRomanus on May 06, 2013, 04:40:58 AM
The big ones: (confirmed with .cap packet logs to verify)  udp attacks ip contributing more than 2mbps
Code:
5.9.99.42   - china  blah
95.211.76.12
61.78.62.170
37.34.48.181
166.78.25.206
118.45.190.171
107.23.156.154  - amazon!!!
5.8.180.209
5.8.180.188
130.226.236.31
124.127.204.32
95.170.88.11

Title: Re: DDOS botnet ip address list attacking pools and exchanges today
Post by: bumbox on May 06, 2013, 04:51:25 AM
what bandwidth does they generate?
is it udp only attack?

Title: Re: DDOS botnet ip address list attacking pools and exchanges today
Post by: MarKusRomanus on May 06, 2013, 04:54:04 AM
Quote from: bumbox on May 06, 2013, 04:51:25 AM
what bandwidth does they generate?
is it udp only attack?
yes udp only.. low end is about 65Mbps  high end.. Can't tell But its more than 90Mbps

Title: Re: DDOS botnet ip address list attacking pools and exchanges today
Post by: mem on May 06, 2013, 05:01:58 AM
Quote from: MarKusRomanus on May 06, 2013, 04:10:36 AM
Quote from: mem on May 06, 2013, 04:06:52 AM
Is this list verified ? last thing we need to be doing is attacking innocent people in all of this.

Trust me.. ive been watching them all day.. want packet logs?  itd take a while ..

Provided your doing your due diligence :)

Keep up the good work.

Title: Re: DDOS botnet ip address list attacking pools and exchanges today
Post by: BitcoinOxygen on May 06, 2013, 03:38:53 PM
nice list.


Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines