Threat IntelligenceMar 17, 2026
"The IP 195.211.190[.]189 was hosted on infrastructure from Railnet LLC — a legal front for Russi...
Security researchers identified IP 195.211.190.189 as part of infrastructure operated by Railnet LLC, a front company for Russian bulletproof hosting provider Virtualine. This discovery links malicious infrastructure to Russia-based hosting services commonly used to support ransomware and state-sponsored cyber operations.
Summary
Security researchers identified IP 195.211.190.189 as part of infrastructure operated by Railnet LLC, a front company for Russian bulletproof hosting provider Virtualine. This discovery links malicious infrastructure to Russia-based hosting services commonly used to support ransomware and state-sponsored cyber operations.
Indicators of Compromise
- ip — 195.211.190.189