Find our analysis of the number of botnet command & control (C&C) servers and their associated elements.
Botnet Threat Update, Q3 2023
Spamhaus researchers observed a decrease in Botnet C&C's operators in Q3 (-16%). And with Qakbot's takedown headlining the news, it's no surprise associated Botnet C&Cs dropped by -41%, further strengthening CobaltStrike's position at the top. Get all the latest insights in this quarter's report.
Register for Marketing Updates
Every quarter we release three reports, plus ad hoc best practices, our latest research observations, and more. Be the first to receive it with the insight straight to your mailbox - strictly relevant content only, at most once a month.
Spamhaus researchers observed a decrease in Botnet C&C's operators in Q3 (-16%). With Qakbot's takedown headlining the news, it's no surprise associated Botnet C&Cs dropped by -41%, further strengthening CobaltStrike's position at the top.
Published 11 July 2023
Botnet C&C operators plateaued in Q2 (+1%). Spamhaus researchers observed 8,438 botnet C&Cs, with increases across The Americas and decreases across Europe - yet Cobalt Strike and Qakbot persist. Download the latest report to find all the updates.
Published 12 April 2023
Botnet C&C operators continued to escalate in Q1. Spamhaus researchers saw a 23% increase in newly observed botnet C&C servers - with Cobalt Strike and Quakbot ever-present. Get all the latest insights, including the rise in popularity of credential stealer RecordBreaker in this report.
Published 10 Jan 2023
In this two-page 2022 wrap-up, find the number of botnets C&Cs Spamhaus has identified (the largest number since our records began), plus the most prolific malware families associated with botnet C&Cs, and the networks and geolocations with the most botnet C&C traffic associated.
Published 12 Jan 2023
Botnet C&C operators gathered momentum in Q4. Spamhaus researchers saw a 56% increase in newly observed botnet C&C servers, the largest increase since Q3 2021! Get all the latest insights, including the rise of threats such as Qakbot and CobaltStrike, in this quarter's report.
Published 13 October 2022
It was a busy quarter for Q3! No rest up over the vacation period with a 38% increase in botnet C&Cs detected by the research team - so there's a lot for you to catch up on. This quarter, we saw a vast amount of botnet C&Cs out of China - download the report to find all the updates.
Published 19 July 2022
From the number of newly registered domains, to the domain abuse our researchers are observing, this update highlights trends, provides insights into the poor reputation of domains, and champions providers where positive improvements are seen.
Published 20 April 2022
It might've been a modest increase in new botnet C&Cs this quarter, but the offering of freebie services are attracting a load of badness and the LatAm region continues to struggle with abuse. Get all the latest insights in this quarter's report.
Published 20 January 2022
Q4 update on the botnet command and controllers our researchers are observing, including geolocation and who is hosting them.
Published 14 October 2021
Q3 has seen a massive 82% rise in the number of new botnet command and controllers (C&Cs) identified by our research team. They have observed an explosion in the use of backdoor malware with nefarious operators hiding behind FastFlux.
Published 13 July 2021
Researchers may have observed a 12%reduction in botnet command and controllers (C&Cs), however, more than one industry-leading provider is struggling to keep on top of botnet activity.
