Botnet threat Jan to June 2024_Twitter_Social card_#1

Botnet Threat Update,
Jan-Jun 2024

Overall Botnet activity decreased between January and June this year by -6%. Cobalt Strike also declined by -41%. Meanwhile, android backdoors were on the rise, with new entries from Hook and Coper. Read the full report.

Jan-Jun24

Published 9 July 2024

Overall botnet activity decreased between January and June this year by -6%. Cobalt Strike also declined by -41%. Meanwhile, android backdoors were on the rise, with new entries from Hook and Coper. Read the full report.

Q4 2023

Published 11 January 2024

In Q4 2023, the number of botnet command and control (C&C) servers increased by 16%. China, the United States, and Russia were the countries leading the pack, with a significant spike in Bulgaria, and a disappointing surge in active botnet C&Cs across big-name networks.

Q3

Published October 2023

Spamhaus researchers observed a decrease in Botnet C&C's operators in Q3 (-16%). With Qakbot's takedown headlining the news, it's no surprise associated Botnet C&Cs dropped by -41%, further strengthening CobaltStrike's position at the top. 

Q2 2023

Published 11 July 2023

Botnet C&C operators plateaued in Q2 (+1%). Spamhaus researchers observed 8,438 botnet C&Cs, with increases across The Americas and decreases across Europe - yet Cobalt Strike and Qakbot persist. Download the latest report to find all the updates.

Q1 2023 button

Published 12 April 2023

Botnet C&C operators continued to escalate in Q1. Spamhaus researchers saw a 23% increase in newly observed botnet C&C servers - with Cobalt Strike and Quakbot ever-present. Get all the latest insights, including the rise in popularity of credential stealer RecordBreaker in this report.

Frame 29_x2

Published 10 Jan 2023

In this two-page 2022 wrap-up, find the number of botnets C&Cs Spamhaus has identified (the largest number since our records began), plus the most prolific malware families associated with botnet C&Cs, and the networks and geolocations with the most botnet C&C traffic associated. 

Frame 30

Published 12 Jan 2023

Botnet C&C operators gathered momentum in Q4. Spamhaus researchers saw a 56% increase in newly observed botnet C&C servers, the largest increase since Q3 2021! Get all the latest insights, including the rise of threats such as Qakbot and CobaltStrike, in this quarter's report.

Q3 2022

Published 13 October 2022

It was a busy quarter for Q3! No rest up over the vacation period with a 38% increase in botnet C&Cs detected by the research team - so there's a lot for you to catch up on. This quarter, we saw a vast amount of botnet C&Cs out of China - download the report to find all the updates.

Frame 23

Published 19 July 2022

From the number of newly registered domains, to the domain abuse our researchers are observing, this update highlights trends, provides insights into the poor reputation of domains, and champions providers where positive improvements are seen.
     

5-1

Published 20 April 2022

It might've been a modest increase in new botnet C&Cs this quarter, but the offering of freebie services are attracting a load of badness and the LatAm region continues to struggle with abuse. Get all the latest insights in this quarter's report.

4-1

Published 20 January 2022

Q4 update on the botnet command and controllers our researchers are observing, including geolocation and who is hosting them.

2-1

Published 14 October 2021

Q3 has seen a massive 82% rise in the number of new botnet command and controllers (C&Cs) identified by our research team. They have observed an explosion in the use of backdoor malware with nefarious operators hiding behind FastFlux.

1-1

Published 13 July 2021

Researchers may have observed a 12%reduction in botnet command and controllers (C&Cs), however, more than one industry-leading provider is struggling to keep on top of botnet activity.