
Botnet Threat Update, Q3 2023
Spamhaus researchers observed a decrease in Botnet C&C's operators in Q3 (-16%). And with Qakbot's takedown headlining the news, it's no surprise associated Botnet C&Cs dropped by -41%, further strengthening CobaltStrike's position at the top. Get all the latest insights in this quarter's report.

Register for Marketing Updates
Every quarter we release three reports, plus ad hoc best practices, our latest research observations, and more. Be the first to receive it with the insight straight to your mailbox - strictly relevant content only, at most once a month.

Published October 2023
Spamhaus researchers observed a decrease in Botnet C&C's operators in Q3 (-16%). With Qakbot's takedown headlining the news, it's no surprise associated Botnet C&Cs dropped by -41%, further strengthening CobaltStrike's position at the top.

Published 12 April 2023
Botnet C&C operators continued to escalate in Q1. Spamhaus researchers saw a 23% increase in newly observed botnet C&C servers - with Cobalt Strike and Quakbot ever-present. Get all the latest insights, including the rise in popularity of credential stealer RecordBreaker in this report.

Published 10 Jan 2023
In this two-page 2022 wrap-up, find the number of botnets C&Cs Spamhaus has identified (the largest number since our records began), plus the most prolific malware families associated with botnet C&Cs, and the networks and geolocations with the most botnet C&C traffic associated.

Published 13 October 2022
It was a busy quarter for Q3! No rest up over the vacation period with a 38% increase in botnet C&Cs detected by the research team - so there's a lot for you to catch up on. This quarter, we saw a vast amount of botnet C&Cs out of China - download the report to find all the updates.

Published 19 July 2022
From the number of newly registered domains, to the domain abuse our researchers are observing, this update highlights trends, provides insights into the poor reputation of domains, and champions providers where positive improvements are seen.

Published 20 January 2022
Q4 update on the botnet command and controllers our researchers are observing, including geolocation and who is hosting them.

Published 14 October 2021
Q3 has seen a massive 82% rise in the number of new botnet command and controllers (C&Cs) identified by our research team. They have observed an explosion in the use of backdoor malware with nefarious operators hiding behind FastFlux.