diff --git a/modules/exploits/multi/misc/xdh_x_exec.rb b/modules/exploits/multi/misc/xdh_x_exec.rb
index 2eaca9b290..da2d37a138 100644
--- a/modules/exploits/multi/misc/xdh_x_exec.rb
+++ b/modules/exploits/multi/misc/xdh_x_exec.rb
@@ -13,11 +13,12 @@ class Metasploit4 < Msf::Exploit::Remote
 def initialize(info = {})
 super(update_info(info,
- 'Name' => 'Xdh / fBot IRC Bot Remote Code Execution',
+ 'Name' => 'Xdh / LinuxNet perlbot / fBot IRC Bot Remote Code Execution',
 'Description' => %q{
 This module allows remote command execution on an IRC Bot developed by xdh.
 This perl bot was caught by Conor Patrick with his shellshock honeypot server
- and is categorized by Markus Zanke as an fBot (Fire & Forget - DDoS Bot).
+ and is categorized by Markus Zanke as an fBot (Fire & Forget - DDoS Bot). Matt
+ Thayer also found this script which has a description of LinuxNet perlbot.
 The bot answers only based on the servername and nickname in the IRC message
 which is configured on the perl script thus you need to be an operator on the IRC
@@ -28,12 +29,14 @@ class Metasploit4 < Msf::Exploit::Remote
 [
 #MalwareMustDie
 'Jay Turla', # msf
- 'Conor Patrick' # initial discovery and botnet analysis
+ 'Conor Patrick', # initial discovery and botnet analysis for xdh
+ 'Matt Thayer' # initial discovery for LinuxNet perlbot
 ],
 'License' => MSF_LICENSE,
 'References' =>
 [
 [ 'URL', 'https://conorpp.com/blog/a-close-look-at-an-operating-botnet/' ],
+ [ 'URL', 'https://twitter.com/MrMookie/status/673389285676965889'],
 [ 'URL', 'https://www.alienvault.com/open-threat-exchange/blog/elasticzombie-botnet-exploiting-elasticsearch-vulnerabilities' ] # details of what an fBot is
 ],
 'Platform' => %w{ unix win },
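Review bot: The sentence added to 'Description' is ambiguous. "this script which has a description of LinuxNet perlbot" does not say whether the LinuxNet perlbot sample is the same code under another label or a separate variant, although the 'Name' now lists it as a covered target. An analyst matching a captured sample against this module needs that stated. Something like `The same script has also been seen labelled "LinuxNet perlbot" (reported by Matt Thayer).` would read more clearly, assuming that is what is meant. The `initialize` method starts in this hunk and its body continues past it.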
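Review bot: The added Twitter entry in 'References' is formatted differently from its neighbours and carries no annotation. It lacks the space before the closing `]`, and unlike the AlienVault line it has no trailing comment saying what the link documents. I would write it as `[ 'URL', 'https://twitter.com/MrMookie/status/673389285676965889' ], # LinuxNet perlbot sighting by Matt Thayer`. A tweet is also a fragile citation for malware attribution, so consider adding an archived copy or a write-up alongside it if one exists. The 'Author' and 'References' arrays sit inside the `update_info` call, which opens before this hunk and closes after it.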