HoneyMire Hub

Attack #291988 ssh

Captured 2026-06-29 19:19:19Z by Ka on honeypot LU2 - SERVERS ⬜ docker-edge · firmware 0.1.0.

Source45.71.123.230:55520
Target port22
Authenticatedyes
Commands1
Duration2.0s

Session recording

Loading session…

Transcript

Server output and attacker input as captured, line-grain. Malware URLs are obscured until sign-in. 

cd ~; chattr -ia .ssh; lockr -ia .ssh
-bash: chattr: command not found
-bash: lockr: command not found

Credentials

Username: root

Password: 123456-a

1 login attempt(s) before disconnect.

Geolocation hub-resolved

🇧🇷Brazil · Rio Grande do Norte · Santo Antônio

AGRESTE TELECOMUNICAÇÕES EIRELI-ME · AS267619 AGRESTE TELECOMUNICAÇÕES EIRELI-ME · -6.31,-35.55

Network: residential · Agreste Telecomunicações · Cable/DSL/ISP · peeringdb · medium confidence

Behavioral classification

🤖 55% confidence

Automated tool, unknown family — uniform timing but no matched signature.

Matched signals:

Command summary

cd ~; chattr -ia .ssh; lockr -ia .ssh

Reported to threat intel

none

HoneyMire Hub · open feed: / · API: /api · docs: /docs · blocklists: /blocklists · about: /about · firmware: github.com/HoneyMire/HoneyMire