Red Piranha Threat Intelligence Report - Sept. 10-16 2017

TOP 10 ATTACKER (BY COUNTRY)

UNITED STATES OF AMERICA is our top Attacker by country this week.


top country

TOP 9 ATTACKER (BY HOST)

TOP HOST – 104.37.212.67

host


Detailed Report on Suspicious hosts


Behavior: Scanning hosts

Activity: Continuously using different username password combination existing and non-existing usernames.

We have found following different types of events:

SSHD authentication failed.

Multiple SSHD authentication failures.

Multiple failed logins in a small period of time.

SSH insecure connection attempt (scan).

Failed Password

Invalid User

Input userauth request invalid user

Type of attack: Bruteforce

Source IP Addresses:

104.37.212.67 , 121.18.238.125 , 121.18.238.123 , 58.218.198.143 , 121.18.238.119 , 

77.72.82.183, 193.15.16.4 , 5.101.40.10 185.100.85.132


                                                TOP OTX Activity

TOP OTX Pulse:-  922645
IOC  :- 163data.com.cn

OTX URL: 
otx.alienvault.com/indicator/domain/163data.com.cn


OTX Activity


Threat GEO Location Map

geo location map
Details
Date Published
September 18, 2017
Category
Threat Intelligence