ZeuS Tracker

[SysAdMini]

Today a new service has been published :

ZeuS Tracker

Here is an Introduction

The abuse.ch ZeuS Tracker provides you the possiblity to track ZeuS Command & Control servers (C&C). The tracker captures and track the ZeuS hosts aswell as the associated config files, binaries and dropezones. The main focus is to provide system administrators the possiblity to block well-known ZeuS hosts and avoid ZeuS infections in their networks. Therefore you can download a ZeuS domain blocklist and a ZeuS IP blocklist. Additionally the ZeuS Tracker should help CERTs and ISPs to track malicious ZeuS hosts in their networks / countries.

[CkreM]

anyone know what happened to them?

its like all the data from the last month is gone and they didn't update for days...

[SysAdMini]

anyone know what happened to them?

its like all the data from the last month is gone and they didn't update for days...

Database has been damaged. I will keep you updated.

If you are looking for new Zeus hosts, then subscribe to the Zeus RSS feed here at MDL.

[SysAdMini]

Everything has been restored now.

[SysAdMini]

ZeusTracker and the Nuclear Option
http://voices.washingtonpost.com/securityfix/2009/05/zeustracker_and_the_nuclear_op.html#more

[SysAdMini]

New features on the ZeuS Tracker
http://www.abuse.ch/?p=1591

[MysteryFCM]

None of the ZuesTracker links are loading here? (they're all timing out). Is it being attacked again?.

[SysAdMini]

https://zeustracker.abuse.ch/ works fine here.

[MysteryFCM]

Continuing to time out here (even the RSS feed is timing out), resolves just fine though ... tracert shows the problem likely lies with 88.80.217.159

Code: [Select]

Tracing route to zeustracker.abuse.ch [88.80.216.114]

over a maximum of 30 hops:

  1     2 ms     1 ms     1 ms  192.168.0.1
  2     *        *        *     Request timed out.
  3   166 ms   210 ms   207 ms  gi1-6-703.pcl-gw01.plus.net [84.92.0.181]
  4    33 ms    33 ms    32 ms  te2-2.pte-gw1.plus.net [212.159.0.186]
  5   129 ms   191 ms   305 ms  te2-4.pte-gw2.plus.net [212.159.1.102]
  6    34 ms    34 ms    35 ms  LINX1.LON-2.uk.lambdanet.net [195.66.224.99]
  7    44 ms    44 ms    43 ms  DUS-1-pos700.de.lambdanet.net [82.197.136.17]
  8    52 ms    50 ms    50 ms  217.79.208.174
  9    56 ms    57 ms    55 ms  88.80.217.159
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12     *        *        *     Request timed out.
 13     *        *        *     Request timed out.
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.
 19     *        *        *     Request timed out.
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *        *        *     Request timed out.
 26     *        *        *     Request timed out.
 27     *        *        *     Request timed out.
 28     *        *        *     Request timed out.
 29     *        *        *     Request timed out.
 30     *        *        *     Request timed out.

Trace complete.
http://hosts-file.net/?s=88.80.217.159

[SysAdMini]

Happy Birthday ZeuS Tracker!
http://www.abuse.ch/?p=2363