Malicious IP addresses that I found continuously attacking financial sectors specially in Bangladesh
I am sharing some malicious IP addresses for the community that I found continuously attacking Bangladesh financial sectors. I will be updating the list as my research going on always. New IP address will be placed below most serially, with a new tag mark. That will help you to understand what are the previous ones and what are the new ones.
Explanation of why they are malicious?
I have observed that these IP address continuously attacking (brute force, directory traversal, port scan, calling web shell etc.) one of the financial infra. During analyzing phase, I collected this IP and check their reputation in some renowned TI service like abuseipdb db, cisco talos, IBM x-force etc. and found that very bad reputation. Sometimes I found IP addresses and they are completely clean as per the TI but during analyzing the payload/url it seems abnormal i.e. trying to read /etc/passwd file. I also mention those IP address here in the list.
You just need to block this IP addresses on your perimeter security devices like in your firewall or IPS or EDR/server security solutions.
136.243.228.195
136.243.220.212
216.144.248.19
40.77.167.84
114.119.154.169
35.92.155.125
40.77.167.202
136.243.220.212
152.89.196.54
107.170.227.11
45.118.134.104
54.36.148.131
95.108.213.190
185.191.171.0/24
114.119.153.237
52.221.24.199
54.36.149.43
52.167.144.20
4.71.37.46
216.244.66.242
51.254.35.55
146.70.189.245
103.187.5.128
103.30.11.160
103.30.11.146
172.70.147.176
103.114.105.248
172.245.226.224
164.132.57.173
38.54.16.132
109.237.96.251
38.242.220.21
141.0.8.70
162.159.200.123
104.28.159.49
54.37.2.81
66.102.9.68
163.171.211.12
163.171.138.32
66.249.93.163
183.171.175.20
139.59.254.181
193.186.4.143
66.249.68.64
138.113.114.13
38.101.26.130
172.105.89.161
95.214.55.244
172.105.77.209
45.145.248.50
172.104.242.173
39.100.67.147
15.235.204.114
114.119.155.23
31.43.185.32 #new
202.140.129.78 #new
2.58.15.225 #new
83.97.73.87 #newI hope you like this. Please subscribe below.
LinkedIn:
https://www.linkedin.com/in/md-mahimbin-firoj-7b8a5a113/
YouTube:
