89.238.166.235

Published: March 18, 2024

ThreatDown is now the name of the Malwarebytes line of business products. References to Malwarebytes below reflect the amazing technology used to first identify the threat.

Short bio

The IP address 89.238.166.235 was blocked as part of the range 89.238.166.235/32 by Malwarebytes because it is associated with a Trojan.

Malicious behavior

Server(s) at this IP address were found to be act as Command & Control (C2) servers for a malware campaign that used brute-force RDP attacks.

Protection

Malwarebytes blocks the IP address 89.238.166.235 because it is associated with a Trojan.

Malwarebytes blocks 89.238.166.235

Malwarebytes blocks 89.238.166.235

Add an exclusion

Should users wish to visit a blocked IP Address and exclude it from being blocked, they can add it to the exclusions list. Here’s how to do it.

Open Malwarebytes for Windows.
Click the Detection History
Click the Allow List
To add an item to the Allow List, click Add.
Select Allow a website.
Select Add an IP address and enter the IP address that you wish to exclude.
Click on Done and the IP address should appear in your Allow List.

Similiar detections

185.93.89.118 149.56.85.65 204.76.203.41 195.178.110.163 5.59.248.127 95.214.53.198 89.248.165.13 45.148.10.90 209.141.46.155 193.68.89.10 View all IP detections >

Products

Services

Why ThreatDown

Get Help

Managed Services Terms & Conditions

Detection Details