HoneyMire Hub

Attack #291683 ssh

Captured 2026-06-29 18:17:08Z by Ka on honeypot FR1 ⬜ docker-edge · firmware 0.1.0.

Session recording

Transcript

Server output and attacker input as captured, line-grain. Malware URLs are obscured until sign-in.

Welcome to Ubuntu 22.04.1 LTS (GNU/Linux 5.15.0-91-generic x86_64)

 * Documentation:  hxxps://help[.]ubuntu[.]com
 * Management:     hxxps://landscape[.]canonical[.]com
 * Support:        hxxps://ubuntu[.]com/advantage

  System information as of 2408526

  System load:  0.08              Processes:           98
  Usage of /:   23.4% of 19.56GB  Users logged in:     0
  Memory usage: 28%               IP address for eth0: 10.0.0.42
  Swap usage:   0%

0 packages can be updated.
0 updates are security updates.

Last login: Mon Sep  4 09:14:21 2023 from 192.168.1.5
ubuntu@ubuntu-server:~$ 

Credentials

Username: ubuntu

Password: ubuntu

1 login attempt(s) before disconnect.

Geolocation hub-resolved

🇨🇳China · Shanxi · Liuxiang

Shanxi(CHINANET-SN) Network of ChinaTelecom · AS4134 CHINANET BACKBONE · 37.87,112.56

Network: isp · China Telecom · NSP · peeringdb · medium confidence

Behavioral classification

🔑 70% confidence

Logged in successfully but did nothing in the shell.

Reported to threat intel

none