一、事件描述
为有效防范虚拟货币“挖矿”活动带来的风险隐患,营造积极健康、安全有序的网络环境,根据国家发改委、中央网信办等11部门联合发布的《关于整治虚拟货币“挖矿”活动的通知》(发改运行〔2021〕1283号)精神和省教育厅相关要求,我中心持续关注虚拟货币“挖矿”治理相关内容。近日,中心通过技术手段发现,部分域名及 ip 涉及到挖矿等恶意行为。恶意域名以及ip清单详见附件。
二、处理建议
建议各单位将附件清单所提及的恶意域名以及ip进行封禁。
附件1
表1域名清单
序号 |
域名 |
1 |
x.zizidy.com |
2 |
ua.minding99.com |
3 |
ub.minding99.com |
4 |
p3.qsd2xjpzfky.site |
5 |
xmr.f2pool.com |
6 |
tar.kziu0tpofwf.club |
7 |
yymc.7766.org |
8 |
xmr.pool.minergate.com |
9 |
dingtao333.3322.org |
10 |
tariqalr.zapto.org |
11 |
100200.user-accounts.info |
12 |
miner.abc.abcde.ccc |
13 |
forest.confidecn.com |
14 |
donate.xmrig.com |
15 |
sg2.supportxmr.com |
16 |
donate.v2.xmrig.com |
17 |
z.totonm.com |
18 |
ysf.no-ip.biz |
19 |
ant.trenz.pl |
20 |
thaus.ws |
21 |
work.a-poster.info |
22 |
wangchao234.gicp.net |
23 |
herohero.no-ip.org |
24 |
donate.ssl.xmrig.com |
25 |
dd.avrenren.com |
26 |
www.iuqerfsodp9ifjaposdfj hgosurijfaewrwergwea.com |
27 |
ww1.zhujiwu.me |
28 |
yun.wz936.com |
29 |
biology-360.com |
30 |
api1.win10z.com |
31 |
jincpay.com |
32 |
ok.xmrpool.ru |
33 |
other.xmrpool.ru |
34 |
nstaut.nsupdate.info |
35 |
xdqzpbcgrvkj.ru |
36 |
ezil.me |
37 |
etc.ezil.me |
38 |
ilo.brenz.pl |
39 |
2miners.com |
40 |
us-west.ezil.me |
41 |
eu.ezil.me |
42 |
ethermine.org |
43 |
asia.ezil.me |
44 |
amsamex.com |
45 |
api.flexpool.io |
46 |
static.flexpool.io |
47 |
hot.tenchier.com |
48 |
tech.tositive.com |
49 |
x*.alibuf.com |
50 |
x*.crypto-pool.fr |
51 |
xmrpool.eu |
52 |
p*.xmrpool.eu |
53 |
|
54 |
s*.ntminer.com |
55 |
ntminer.top |
56 |
s*.ntminer.top |
57 |
|
58 |
o*.xmrpool.ru |
59 |
w*.xmrpool.ru |
60 |
rim.miniast.com |
61 |
c*.bucklehosting.com |
62 |
m*.chrisbuckle.com |
63 |
l*.*.linode.com |
64 |
r*.miniast.com |
65 |
w*.witmone.com |
66 |
bit.pilutce.com |
67 |
tie.presuant.com |
68 |
iron.tenchier.com |
69 |
cake.pilutce.com |
70 |
coco.miniast.com |
71 |
o.auntions.com |
72 |
sim.miniast.com |
73 |
h*.dnsx.xyz |
74 |
s*.dnsx.xyz |
75 |
x*.dnsx.xyz |
76 |
f*.supportxmr.com |
77 |
p*.supportxmr.com |
78 |
h*.tenchier.com |
79 |
t*.tositive.com |
80 |
ondayon89464516.com |
81 |
|
82 |
|
83 |
ondayon.com |
84 |
a*.pilutce.com |
85 |
h*.voiceusit.com |
86 |
p*.doi-2020.net |
87 |
|
88 |
s*.minexmr.com |
89 |
s*.minexmr.uk |
90 |
p*.usa-138.com |
91 |
x*.usa-138.com |
92 |
go.xiao.my.id |
93 |
mine.c3pool.com |
94 |
xmr.wulifang.nl |
95 |
newssl.1392010.net |
96 |
v7.1392010.net |
97 |
xmrv71.gangangangangang angangangangangan.com |
98 |
wk.monerogx.com |
99 |
gx.monerogx.com |
100 |
xz.monerogx.com |
101 |
note.monerogx.com |
102 |
gx1.monerogx.com |
103 |
aefhuoaeudofrla.co |
104 |
march262020.best |
105 |
hostmaster.march262020.best |
106 |
huaeokaefoaeguaehl.cc |
107 |
www.aefhuoaeudofrla.co |
108 |
www.huaeokaefoaeguaehl.cc |
109 |
www.march262020.best |
110 |
newsroom.m40.onsfmul.cc |
111 |
www.m40.onsfmul.cc |
112 |
info.abbny.com |
113 |
aaaeieiiioffftr.cc |
114 |
npp.abbny.com |
115 |
www.aaaeieiiioffftr.cc |
116 |
admin3.onsfmul.cc |
117 |
admns3.onsfmul.cc |
118 |
adpic3.onsfmul.cc |
119 |
adpreview.dv.onsfmul.cc |
120 |
ads.apps.onsfmul.cc |
121 |
advocate.onsfmul.cc |
122 |
ae.onsfmul.cc |
123 |
afaeigaifgsgrhhafr.cc |
124 |
age-dc7.iags.onsfmul.cc |
125 |
agency.onsfmul.cc |
126 |
agentfae.onsfmul.cc |
127 |
agpslab.onsfmul.cc |
128 |
agree.demo.onsfmul.cc |
129 |
agron.onsfmul.cc |
130 |
allen.onsfmul.cc |
131 |
alltw.land.onsfmul.cc |
132 |
alst.onsfmul.cc |
133 |
loop2.haqo.net |
134 |
loop.abbny.com |
135 |
loop.haqo.net |
136 |
a.botnet.cc |
137 |
ait.pilutce.com |
138 |
benniaogg.benniao.date |
139 |
suc80.linux1.cc |
140 |
suc80.twjiasu.com |
141 |
xred.mooo.com |
142 |
amnsreiuojy.ru |
143 |
t.awcna.com |
144 |
fget-career.com |
145 |
www.hhl365.com |
146 |
morphed.ru |
147 |
adnetwork33.redirectme.net |
148 |
superyou.zapto.org |
149 |
johnhop77.ddns.net |
150 |
maroco.myq-see.com |
151 |
liyongyong88.3322.org |
152 |
aaaa.usa-138.com |
153 |
arthur.niria.biz |
154 |
t.tr2q.com |
155 |
db.testyk.com |
156 |
du.testjj.com |
157 |
v.beahh.com |
158 |
da.testiu.com |
159 |
v.bddp.net |
160 |
tvrstrynyvwstrtve.com |
161 |
awcna.com |
162 |
ccc.njaavfxcgk3.club |
163 |
c.21-2n.com |
164 |
t.zer9g.com |
165 |
a.gwas.perl.sh |
166 |
gus.achtlemon.com |
167 |
ftp.byethost10.com |
168 |
a-gwas-01.slyip.net |
169 |
pp.abbny.com |
170 |
lpp.abbny.com |
171 |
junk.soquare.com |
172 |
up.auntions.com |
173 |
log.miniast.com |
174 |
wgc.witmone.com |
175 |
fee.xmrig.com |
176 |
b.beike.website |
177 |
a.beike.website |
178 |
sky.hobuff.info |
179 |
*.abseits.ski |
180 |
*.antpool.com |
181 |
*.binance.com |
182 |
*.bitcoin.com |
183 |
*.bitfex.trade |
184 |
*.btc.top |
185 |
*.btcc.com |
186 |
*.bw.com |
187 |
*.ccminer.org |
188 |
*.coinhive.com |
189 |
*.coinlab.biz |
190 |
*.cryptohosting.eu |
191 |
*.cryptonight.net |
192 |
*.cryptopool.eu |
193 |
*.ddns.net |
194 |
*.dedicatedpool.com |
195 |
*.easyx.cc |
196 |
*.ethosdistro.com |
197 |
*.f2pool.com |
198 |
*.gethash.cc |
199 |
*.go.ro |
200 |
*.hiveon.net |
201 |
*.mpool.su |
202 |
*.nanopool.org |
203 |
*.nicehash.com |
204 |
*.pool.mn |
205 |
*.triplemining.com |
206 |
*.webhop.me |
207 |
*.ydns.eu |
208 |
*.zpool.ca |
表2 ip地址清单
序号 |
ip |
1 |
5.181.156.138 |
2 |
5.133.65.56 |
3 |
194.180.174.94 |
4 |
194.180.174.102 |
5 |
194.180.174.95 |
6 |
194.180.174.107 |
7 |
170.33.13.96 |
8 |
141.255.164.16 |
9 |
45.153.184.134 |
10 |
5.135.164.140 |
11 |
104.238.180.207:9999 |
12 |
121.43.141.41:9518 |
13 |
128.199.85.196:13333 |
14 |
13.248.162.234:1800 |
15 |
135.125.163.215:2020 |
16 |
141.95.34.44:2020 |
17 |
142.44.243.6:9999 |
18 |
144.217.14.109:9999 |
19 |
151.80.144.188:9999 |
20 |
151.80.59.84:9999 |
21 |
159.65.142.47:13333 |
22 |
172.65.200.133:3385 |
23 |
172.65.200.133:3389 |
24 |
172.65.207.106:14444 |
25 |
172.65.212.80:3333 |
26 |
172.65.214.179:3333 |
27 |
172.65.215.159:3333 |
28 |
172.65.218.238:14444 |
29 |
172.65.226.101:14444 |
30 |
172.65.229.54:3333 |
31 |
172.65.231.156:14444 |
32 |
203.107.32.162:3636 |
33 |
207.246.100.198:9999 |
34 |
213.32.74.157:9999 |
35 |
35.71.165.243:3867 |
36 |
35.74.121.6:3867 |
37 |
35.76.171.103:3867 |
38 |
35.76.239.229:3867 |
39 |
39.99.246.212:6800 |
40 |
45.32.71.82:9999 |
41 |
45.76.65.223:9999 |
42 |
47.108.142.254:8008 |
43 |
47.108.150.31:8008 |
44 |
47.108.178.220:8008 |
45 |
47.108.194.7:8008 |
46 |
47.108.198.8:8008 |
47 |
47.108.60.120:8008 |
48 |
47.96.92.209:9518 |
49 |
51.15.55.162:9999 |
50 |
51.15.67.17:9999 |
51 |
51.195.104.49:5555 |
52 |
51.195.105.101:2020 |
53 |
51.195.105.62:5555 |
54 |
51.195.4.122:2020 |
55 |
51.195.4.174:2020 |
56 |
51.195.88.15:2020 |
57 |
51.195.89.38:2020 |
58 |
51.255.34.80:9999 |
59 |
51.79.176.93:5555 |
60 |
51.79.229.166:5555 |
61 |
51.89.41.153:5555 |
62 |
51.89.64.65:2020 |
63 |
52.223.7.31:3867 |
64 |
76.223.62.235:1800 |
65 |
8.136.41.145:1800 |
66 |
8.136.41.145:3333 |
67 |
8.136.41.145:443 |
