← Back to feed

139.59.4.137

TAGGED SUSPICIOUS how we decide →

Threat Confidence

58%

Location

🇮🇳 IN / Bengaluru

ASN

AS14061 · DigitalOcean, LLC

Cloud Provider

DigitalOcean

Total Events

237

Above average by volume

Agent Count

First / Last Seen

2026-06-01 06:09 — 2026-06-01 06:38

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Reconnaissance

T1595.002

Initial Access

T1078

Defense Evasion

T1070.004

Credential Access

T1110 T1110.001

Command and Control

T1105

External Corroboration

Blocklist.de

Reported 2026-06-01 07:03

blocklist_de:reported

Campaigns

HASSH f555226df196… — SSH-2.0-libssh_0.9.6 (906 IPs, 84 countries) HASSH Active high 🇨🇳 CN

906 IPs 381304 events

http:scanssh:bruteforce

2026-02-25 — ongoing · 906 IPs are running an identical SSH client (HASSH fingerprint f555226df196…). Top network: UCLOUD INFORMATION TECHNOLOGY HK LIMITED …

Session Forensics

malware_dropper ×9 credential_probe ×15 opportunistic_bruter ×9

Sessions

33 (18 with login)

Avg Depth Score

0.5

Commands Executed

Files Downloaded

Notable Commands

cd ~; chattr -ia .ssh; lockr -ia .ssh
lockr -ia .ssh
cd ~ && rm -rf .ssh && mkdir .ssh && echo "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4KUhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2/9p7+vD0EpZ3Tz/+0kX34uAx1RV/75GVOmNx+9EuWOnvNoaJe0QXxziIg9eLBHpgLMuakb5+BgTFB+rKJAw9u9FSTDengvS8hX1kNFS4Mjux0hJOK8rvcEmPecjdySYMb66nylAKGwCEE6WEQHmd1mUPgHwGQ0hWCwsQk13yCGPK5w6hYp5zYkFnvlC8hGmd4Ww+u97k6pfTGTUbJk14ujvcD9iUKQTTWYYjIIu5PmUux5bsZ0R4WFwdIe6+i6rBLAsPKgAySVKPRK+oRw== mdrfckr">>.ssh/authorized_keys && chmod -R go= ~/.ssh && cd ~

Fingerprints

HASSH

f555226df1963d1d3c09daf865abdc9a

SSH Client

SSH-2.0-libssh_0.9.6

Evidence Timeline

Credential Probe 2dbee105aa54 w4m_singapore_01 · 2026-06-01 06:38

1 20%

Loading events...

Malware Dropper 233d10cf6d10 w4m_singapore_01 · 2026-06-01 06:36

3 1 1 100%

Loading events...

Opportunistic Bruter 81646ad488c4 w4m_singapore_01 · 2026-06-01 06:36

1 50%

Loading events...

Credential Probe 4e5dce71fd57 w4m_singapore_01 · 2026-06-01 06:36

1 20%

Loading events...

Malware Dropper 2a7eddb97fa2 w4m_singapore_01 · 2026-06-01 06:35

3 1 1 100%

Loading events...

Opportunistic Bruter 261623473a3c w4m_singapore_01 · 2026-06-01 06:35

1 50%

Loading events...

Credential Probe 0433eec4548c w4m_singapore_01 · 2026-06-01 06:35

1 20%

Loading events...

Malware Dropper 752c78d05c9e w4m_singapore_01 · 2026-06-01 06:33

3 1 1 100%

Loading events...

Opportunistic Bruter a54e8cefb4a8 w4m_singapore_01 · 2026-06-01 06:33

1 50%

Loading events...

Credential Probe 5af5623fa4fe w4m_singapore_01 · 2026-06-01 06:33

1 20%

Loading events...

Opportunistic Bruter 945c3f490562 w4m_singapore_01 · 2026-06-01 06:31

1 50%

Loading events...

Malware Dropper bf1b31efdbca w4m_singapore_01 · 2026-06-01 06:31

3 1 1 100%

Loading events...

Credential Probe cd3f0b5b445b w4m_singapore_01 · 2026-06-01 06:31

1 20%

Loading events...

Credential Probe d4cf3fa34fb4 w4m_singapore_01 · 2026-06-01 06:30

1 20%

Loading events...

Credential Probe 0f0b81f21a9b w4m_singapore_01 · 2026-06-01 06:28

1 20%

Loading events...

Credential Probe 18b8fab03940 w4m_singapore_01 · 2026-06-01 06:27

1 20%

Loading events...

Credential Probe 3cbad4c7c7cb w4m_singapore_01 · 2026-06-01 06:25

1 20%

Loading events...

Opportunistic Bruter 9b42e7bb7ab5 w4m_singapore_01 · 2026-06-01 06:24

1 50%

Loading events...

Malware Dropper eff294aa6d3e w4m_singapore_01 · 2026-06-01 06:24

3 1 1 100%

Loading events...

Credential Probe ee3586733b56 w4m_singapore_01 · 2026-06-01 06:24

1 20%

Loading events...

Malware Dropper e6c0d01d6136 w4m_singapore_01 · 2026-06-01 06:22

3 1 1 100%

Loading events...

Opportunistic Bruter 620fc715e314 w4m_singapore_01 · 2026-06-01 06:22

1 50%

Loading events...

Credential Probe 0106c2343b64 w4m_singapore_01 · 2026-06-01 06:22

1 20%

Loading events...

Opportunistic Bruter 956db879f5bc w4m_singapore_01 · 2026-06-01 06:20

1 50%

Loading events...

Malware Dropper 2ae3b830c6aa w4m_singapore_01 · 2026-06-01 06:20

3 1 1 100%

Loading events...

Credential Probe cecc6c5a49ff w4m_singapore_01 · 2026-06-01 06:20

1 20%

Loading events...

Malware Dropper 539d9d0515ad w4m_singapore_01 · 2026-06-01 06:19

3 1 1 100%

Loading events...

Opportunistic Bruter 01ec4053f90f w4m_singapore_01 · 2026-06-01 06:19

1 50%

Loading events...

Credential Probe 90e2297232dd w4m_singapore_01 · 2026-06-01 06:19

1 20%

Loading events...

Malware Dropper 04abd71335e7 w4m_singapore_01 · 2026-06-01 06:17

3 1 1 100%

Loading events...

Opportunistic Bruter 61948f610a52 w4m_singapore_01 · 2026-06-01 06:17

1 50%

Loading events...

Credential Probe dc6bf9d4d2af w4m_singapore_01 · 2026-06-01 06:17

1 20%

Loading events...

Credential Probe 2e7b26421933 w4m_singapore_01 · 2026-06-01 06:09

1 20%

Loading events...