#ctrl-c | Logs for 2020-04-21

Back
[00:35:32] -!- clicklink [clicklink!~none@96.44.144.114] has joined #ctrl-c
[01:05:32] -!- frigginglorious has quit [Connection closed]
[02:02:18] -!- orangejuice [orangejuice!orangejuice@162.243.120.25] has joined #ctrl-c
[02:02:34] <orangejuice> hello.
[02:02:44] <clicklink> hi
[02:04:42] <orangejuice> haven't been on irc for at least 15 years.
[02:04:45] <orangejuice> lol
[02:05:08] <orangejuice> oh wait. longer.
[02:06:53] -!- orangejuice has quit [quit: WeeChat 2.4]
[02:21:54] <dragon> hello :)
[02:25:23] <clicklink> dragon: are you aware of the network merantau.org?
[02:26:19] <clicklink> if you look at port 6666 and 6668 an IRCD is listening on ctrlc server
[02:26:22] <clicklink> connecting to it
[02:26:34] <clicklink> linking
[02:41:41] -!- clicklink has quit [Ping timeout: 120 seconds]
[02:44:21] <ben> 7777 too
[02:59:06] -!- clicklink [clicklink!~none@37.120.147.250] has joined #ctrl-c
[06:35:40] -!- clicklink has quit [Ping timeout: 120 seconds]
[06:36:44] -!- clicklink [clicklink!~none@37.120.147.250] has joined #ctrl-c
[06:56:05] <clicklin1> please do respond when you can, there is a C&C botnet used for stealing credit cards being run on 162.243.120.25
[13:39:26] <clicklin1> they are right now stealing credit cards...please take a look into it calamitous
[13:40:20] <clicklin1> as we speak on your IP on port 7000
[13:40:22] <clicklin1> channel #merantau
[13:48:58] <clicklink> https://pastebin.com
[13:50:58] <clicklink> I hope ctrl c isn't intentionally harboring these thieves that ddos other networks, shell injects, etc.
[14:25:21] -!- lel has quit [quit: ZNC 1.7.2+deb3 - https://znc.in]
[14:25:21] -!- creme has quit [quit: ZNC 1.7.2+deb3 - https://znc.in]
[14:28:01] -!- creme [creme!creme@envs.net] has joined #ctrl-c
[14:29:40] -!- lel [lel!lel@envs.net] has joined #ctrl-c
[15:44:29] <ben> I'm certain it's not intentional. I found the user running it and alerted calamitous
[16:09:12] <clicklink> yea, it's a malicious network that is involved with credit card fraud.
[16:09:39] <clicklink> be careful when visiting this you might not even want to visit it at all
[16:09:42] <clicklink> http://sp65.edu.pl
[16:09:58] <clicklink> [ Re-Coding Samsin S. Dialao, SE. ][ #meRANTAU IRC Network ][ Generated: 0.4471 seconds ]
[16:10:01] <clicklink> he does stuff like this
[16:10:13] <clicklink> has outlook.zip which is phishing software...
[16:10:24] <clicklink> of course, reported it, and they didn't even act.. no care in world that their server is infected
[16:18:03] -!- frigginglorious1 [frigginglorious1!~Thunderbir@rrcs-24-206-45-122.midsouth.biz.rr.com] has joined #ctrl-c
[16:26:32] -!- frigginglorious1 has quit [Connection closed]
[16:27:08] -!- frigginglorious [frigginglorious!~Thunderbir@71-82-147-112.dhcp.eucl.wi.charter.com] has joined #ctrl-c
[16:34:39] <calamitous> Hey guys. I wanted to check in real quick, since this is becoming an issue. I'm dealing with a family emergency, so my bandwidth is limited atm. I'll be looking into all this just as soon as I can.
[16:36:26] <calamitous> With regards to what people are doing on the server, I take a pretty open view that people can do what they want as long as it's not affecting other people on the server-- if they want to run another IRC server, that's not _necessarily_ a problem, as long as it doesn't interfere with the rest of the users.
[16:38:07] <calamitous> On the other hand, I have no patience with people that want to use CCC as a home for illegal/illicit activities. I shotgunned two accounts last week for misuse, and blocked several more. The accusation that I have "no care in world that their server is infected" is patently false.
[16:45:23] <calamitous> At the same time, I don't want to go willy-nilly shutting down accounts because someone in IRC said so. I want to investigate and review what's going on. Rest assured that if there's malicious activity, I'll stop it. I haven't devoted hundreds of hours and hundreds of dollars over the years to CCC so that it can be a playground for scammers and spammers.
[16:48:24] <clicklink> calamitous: ah, thanks for your response. I am just tired of sites ignoring malicious infected websites like the one above that allows them to do phishing among other things.
[16:48:39] <clicklink> I wasn't sure if ctrl didn't mind or what
[16:48:49] <calamitous> I do appreciate the investigation and the information, that's all incredibly helpful, and I appreciate people watching out for bad actors. There's been a sharp uptick in attempted malicious behavior lately. But my family comes first, and I need to finish taking care of things on my end before I can address some of these issues.
[16:49:06] <clicklink> okay
[16:49:27] <clicklink> I didn't mean to put false accuations or anything.. I was just pointing it out as many others like edu.pl didn't care
[16:49:30] <clicklink> heh
[16:49:40] <calamitous> Thank you for the time and effort you've put into helping me chase down this issue.
[18:10:40] -!- frigginglorious1 [frigginglorious1!~Thunderbir@rrcs-24-206-45-122.midsouth.biz.rr.com] has joined #ctrl-c
[18:12:07] -!- frigginglorious has quit [Ping timeout: 120 seconds]
[18:12:08] frigginglorious1 is now known as frigginglorious
[18:43:23] -!- frigginglorious has quit [Client exited]
[18:43:31] -!- frigginglorious [frigginglorious!~Thunderbir@rrcs-24-206-45-122.midsouth.biz.rr.com] has joined #ctrl-c
[22:08:22] -!- frigginglorious has quit [Connection closed]
[22:08:58] -!- frigginglorious [frigginglorious!~Thunderbir@71-82-147-112.dhcp.eucl.wi.charter.com] has joined #ctrl-c