IP · Medium · Signal 0/100
164.132.235.17
Location
Roubaix, Hauts-de-France
ASN
AS16276
OVH
First Seen
Jan 11, 2025
Last Seen
May 23, 2026
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags
Network Information
Country
France
Region
Roubaix, Hauts-de-France
ASN
AS16276
Organization
OVH
Feed Intelligence Summary
5
Source reports
0%
Confidence score
Category tags
network, proxy, researched
Activity Timeline
Threat Activity Heatmap (peak: 2026-05-23)
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat Score
Low Risk
0
SIGNAL
Signal Score
0%
Confidence
5
Reports
Coords
50.6937, 3.1744
VirusTotal
Not checked
WHOIS
- description
- This threat intelligence pulse tracks a long-dormant wiper, dating back to the early 2000s, which has persisted across multiple environments undetected. The malware features sophisticated, "hidden" destructive mechanisms capable of widespread data wiping. It appears to leverage administrative-level access, allowing it to move laterally and compromise systems extensively. Continued inaction regarding this infection chain poses a critical risk to data integrity. The ONLY way to fix this as it has taken over the root is by addressing the problem for what it actually is, the math and drops do not lie, deletion and new certs/exp certs will fail. The science is clear, the answer is foggy. It's best to see clearly.
IOC Journey
Medium · First detected 1 year ago · Last seen 1 month ago
Appeared in 5 threat reports