BG CLOUD ACCOUNTANCY?? – BEATONS GROUP?? – Compromised Automation Servers

inetnum: 103.231.139.0 – 103.231.139.255
org-name: BGCLOUDSS
address: 4000 Tsentar, Plovdiv, Bulgaria
e-mail: andreyjulius07_at_gmail.com

** WE SUGGEST THIS NETWORK BE BLOCKED WORLDWIDE **

Several servers on this network are attempting brute-force attacks against other internet systems. This appears to be part of a botnet: multiple servers on this network appear to be infected with botnet software and are systematically attacking internet systems.

Current IP Addresses with the most Abuse Complaints:
103.231.139.56
103.231.139.146

Many attack types appear to be originating from these 2 addresses. Several honeypots worldwide have logged activity from these systems, and we are working to get logging systems closer to the source of these addresses to get a better picture of the attack scope.
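To check your own authentication logs for activity from the range listed above, the following is an added example and not part of the original report. It assumes OpenSSH-style failed-login lines (the report does not name the targeted service or log format), and the sample log lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# Range from the inetnum record in this report.
REPORTED_NET = ipaddress.ip_network("103.231.139.0/24")

# Assumption: OpenSSH-style failure lines; the report does not name the service.
FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)

# Constructed sample lines, not real log data.
SAMPLE_LOG = """\
Jan 10 03:12:01 host sshd[2211]: Failed password for root from 103.231.139.56 port 40122 ssh2
Jan 10 03:12:03 host sshd[2211]: Failed password for invalid user admin from 103.231.139.56 port 40124 ssh2
Jan 10 03:12:05 host sshd[2213]: Failed password for root from 103.231.139.56 port 40130 ssh2
Jan 10 03:14:40 host sshd[2290]: Failed password for root from 103.231.139.146 port 51812 ssh2
Jan 10 03:15:02 host sshd[2301]: Failed password for backup from 198.51.100.7 port 33010 ssh2
Jan 10 03:16:11 host sshd[2310]: Accepted publickey for deploy from 192.0.2.10 port 50022 ssh2
Jan 10 03:17:30 host sshd[2320]: Failed password for root from 103.231.139.999 port 40200 ssh2
"""


def failures_from_reported_net(lines, net=REPORTED_NET):
    """Count failed logins per source address inside the reported range."""
    hits = Counter()
    for line in lines:
        m = FAILED_RE.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue  # malformed address in the log line, skip it
        if ip in net:
            hits[str(ip)] += 1
    return hits


def addresses_over_threshold(hits, threshold=3):
    """Return the addresses with at least `threshold` failures, sorted."""
    return sorted(ip for ip, n in hits.items() if n >= threshold)


if __name__ == "__main__":
    hits = failures_from_reported_net(SAMPLE_LOG.splitlines())
    for ip, n in hits.most_common():
        print(f"{ip}\t{n} failed logins")
    print("over threshold:", addresses_over_threshold(hits))
```
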

A Google search for BGCLOUDSS returns no real information on what this business is about. Is it a hacker front? None of these systems have reverse DNS set up; however, when you search for BGCLOUD, you find that it is possibly cloud services for an accountancy group. This is now very scary. So now we have a company located in the UK that possibly has several of its automation servers, which handle accounting, hacked into and controlled by hackers.

We are having issues verifying that these systems are part of BG CLOUD ACCOUNTANCY, which is part of the BEATONS GROUP, and are looking into this further. However, if anyone has any more information on this, it would be greatly appreciated so that we can keep our data as accurate as possible.