Most Common New Infections
Malware samples identified on the greatest count of newly infected sites.
MD5 |
Signature |
Description |
Example File Names |
CEC9A529B43D84F0A0E3624372CD9C51 |
Backdoor:PHP/WP-VCD.5409 |
Infected core file, triggers execution of another malicious script. |
post.php |
7D9A88B33CD777B0949A3033512C1D08 |
Backdoor:PHP/wp-vcd.5476 |
Backdoor associated with SEO spam injections. |
wp-vcd.php |
701CB9E0ACF43569D3C539B073DAAF2F |
Spam:PHP/oclasinsert.5483 |
SEO spam code injector. |
wp-tmp.php |
75234791B9CA71A16FC8432BE4F6A5D0 |
Backdoor:PHP/wp-vcd.5476 |
Backdoor associated with SEO spam injections. |
wp-vcd.php |
380FA777B8C37FB60811E5972391261B |
Suspicious:PHP/evalB64.4068 |
WebShellOrb PHP webshell. |
wp-update.php, ob.php, aw.php, and others. |
IPs Attacking Most Sites
Rank |
Prev. |
IP Address |
ASN |
Country |
1 |
6 |
47.252.4.36 |
45102 (Alibaba (US) Technology Co., Ltd.) |
US |
2 |
— |
47.89.208.37 |
45102 (Alibaba (US) Technology Co., Ltd.) |
US |
3 |
— |
51.89.224.145 |
16276 (OVH SAS) |
GB |
4 |
4 |
165.227.48.147 |
14061 (DigitalOcean, LLC) |
US |
5 |
8 |
192.99.38.186 |
16276 (OVH SAS) |
CA |
6 |
— |
68.183.76.157 |
14061 (DigitalOcean, LLC) |
DE |
7 |
— |
158.69.150.55 |
16276 (OVH SAS) |
BR |
8 |
— |
178.128.193.158 |
14061 (DigitalOcean, LLC) |
DE |
9 |
10 |
159.203.86.82 |
14061 (DigitalOcean, LLC) |
US |
10 |
— |
217.182.95.250 |
16276 (OVH SAS) |
FR |
New Tracked Domains
Domain Name |
Date Added |
Current Status |
Notes |
fastherbsmart.su |
09/18/2019 |
Down |
Redirect target seen in malware samples. |
bremen-apotheke.com |
09/20/2019 |
Up |
Pharmaceutical spam. |
p79479.clksite.com |
09/22/2019 |
Up |
Referenced in malware samples. |
Subscribe To The Wordfence Weekly