Botnet Threat Update
Spamhaus tracks both Internet Protocol (IP) addresses and domain names used by threat actors for hosting botnet command & control (C&C) servers.
This data enables us to identify associated elements, which this report provides insight into, including the geolocation of the botnet C&Cs, the malware associated with them, the top-level domains used when registering a domain for a botnet C&C, and the sponsoring registrars and the network hosting the botnet C&C infrastructure.
Published 13 October 2022
It was a busy quarter for Q3! No rest up over the vacation period with a 38% increase in botnet C&Cs detected by the research team - so there's a lot for you to catch up on. This quarter, we saw a vast amount of botnet C&Cs out of China - download the report to find all the updates.
Published 19 July 2022
From the number of newly registered domains, to the domain abuse our researchers are observing, this update highlights trends, provides insights into the poor reputation of domains, and champions providers where positive improvements are seen.
Published 20 April 2022
It might've been a modest increase in new botnet C&Cs this quarter, but the offering of freebie services are attracting a load of badness and the LatAm region continues to struggle with abuse. Get all the latest insights in this quarter's report.
Published 20 January 2022
Q4 update on the botnet command and controllers our researchers are observing, including geolocation and who is hosting them.
Published 14 October 2021
Q3 has seen a massive 82% rise in the number of new botnet command and controllers (C&Cs) identified by our research team. They have observed an explosion in the use of backdoor malware with nefarious operators hiding behind FastFlux.
Published 13 July 2021
Researchers may have observed a 12%reduction in botnet command and controllers (C&Cs), however, more than one industry-leading provider is struggling to keep on top of botnet activity.