Introduction
Here we summarize the total activity over all time for the top 25 Countries related to Command and Controls for botnets. This report is a duplicate of the pages we have here.
Note that all timestamps are in UTC+0.
Fields
| Field | Description |
| GeoLoc | Country code |
| Number | Total number of seen C&C's over all time |
| Closed | How many of the total C&C's are closed and shutdown |
| CC DDoS | How many DDoS's did those C&C's initiate |
| CC Scans | How many scans did those C&C's initiate |
| CC CHosts | Number of systems C&C's from this Country compromised other systems |
| TGT DDoS | The number of times this Country was targeted for a DDoS |
| TGT Scans | Number of times this Country was targeted for a scan and exploit |
| TGT CHosts | Number of systems that were compromised within this Country |
| URL's | Number of URL's that were either malicious, or seen from some malicious activity |
Sample
Sorted by Total Number of Command and Control Servers
"GeoLoc","Number","Closed","CC DDoS","CC Scans","CC CHosts","TGT DDoS","TGT Scans","TGT CHosts","URLs" "US",6899,"57%",322602,2290383,126182,806553,3653198,259095,7165161 "NL",1861,"27%",532872,3857,53,98788,249788,4493,411321 "DE",1504,"62%",92978,6275022,127807,61461,398473,81529,1951078 "CA",1312,"40%",6042,28037,530336,166339,239277,10964,1808230 "UK",1186,"38%",95018,30956,3685,46780,466618,34686,613851 "SE",918,"18%",1888,5152,4676,41092,197531,4267,50020 "FR",601,"39%",6127,121500,1184,14504,196601,46805,174178 "CN",500,"83%",2632199,2562608,21665,2232979,434248,119698,461103 "FI",469,"3%",27,0,0,713,115123,1376,19823 "HU",457,"8%",1516,1138,5,797,76212,6489,20522 "NO",406,"12%",180,167,0,460,49942,897,17782 "KR",400,"83%",7887,81265,141636,3405,450211,12391,173090 "BE",373,"7%",17474,13221,2985,478,44969,3816,12123 "JP",270,"65%",1984,37006,18283,1264,304820,31843,375460 "TW",250,"81%",85651,34893,753,741,98129,25130,149026 "TR",237,"67%",9607,28058,548,4422,64583,5630,367100 "RU",237,"47%",382749,3987,3517,294694,638526,25565,769935 "LB",201,"1%",8,5490,31,377,26257,73,1007 "IN",185,"43%",21698,1137,1,13309,545029,27748,13529 "IT",183,"64%",3282,18250032,5582,12483,196276,73035,68510 "PL",180,"35%",203,870,80,2299,179072,48108,128213 "RO",148,"55%",8964,2763,91,2561,136560,9554,65545 "UA",107,"45%",46188,12258,3241,23003,53280,5432,170769 "BR",106,"80%",1261,11687,3298,3305,3623743,48972,130637 "IE",101,"14%",42,392,0,2212,116538,3838,9051 "ES",99,"39%",567,837,3415,3553,297581,17315,162765 "PA",96,"13%",3401,2,233,1260,440325,711,268142
Sorted by Rate of Highest Closed Number of Command and Control Servers
"GeoLoc","Number","Closed","CC DDoS","CC Scans","CC CHosts","TGT DDoS","TGT Scans","TGT CHosts","URLs" "PK",19,"100%",340,112,0,1831,77299,11189,2981 "AE",14,"100%",180,216,0,1324,25175,1471,9815 "MA",13,"100%",2,2,0,1806,5592,5760,2400 "BA",10,"100%",1,105,0,96,2553,812,2030 "LK",5,"100%",0,0,0,186,9005,483,366 "UG",4,"100%",0,0,0,2,1367,49,69 "JM",3,"100%",0,0,0,3,12034,16,949 "PR",3,"100%",13,22,0,104,71016,575,1815 "AM",3,"100%",0,0,0,16,19302,14,23 "IS",3,"100%",0,0,0,18,4771,35,1012 "DZ",3,"100%",0,0,0,131,8600,1070,856 "MN",2,"100%",0,0,0,0,2954,21,557 "SD",2,"100%",0,0,0,2,621,26,5 "MV",2,"100%",0,0,0,3,2282,3,12 "DO",2,"100%",0,0,0,70,147830,302,871 "NA",1,"100%",10,0,0,193,2808,7,678 "SV",1,"100%",1,751,0,115,144130,68,122 "MZ",1,"100%",16,0,0,1,252,17,3 "BO",1,"100%",3,0,0,324,355045,94,314 "AL",1,"100%",0,0,0,316,2666,21,1112 "TN",1,"100%",0,0,0,42,234,4001,14 "MK",1,"100%",0,1,0,1139,4152,930,29707 "NG",1,"100%",0,0,0,78,11954,67,758 "CY",1,"100%",0,0,0,338,19336,36,949266 "BD",1,"100%",0,0,0,41,14685,139,346 "GR",58,"96%",63,1672,287,511,70680,1136,10126 "SI",58,"96%",316,2396,3050,1872,8827,652,2879
Sorted by Rate of Lowest Closed of Command and Control Servers
"GeoLoc","Number","Closed","CC DDoS","CC Scans","CC CHosts","TGT DDoS","TGT Scans","TGT CHosts","URLs" "LB",201,"1%",8,5490,31,377,26257,73,1007 "FI",469,"3%",27,0,0,713,115123,1376,19823 "CR",32,"3%",0,43251,10599,3165,202776,632,998 "AZ",30,"3%",11,0,0,15,5885,63,1044 "DK",68,"5%",2,4540,0,994,35635,1387,30070 "EE",74,"6%",239,0,0,1338,7557,352,13969 "BE",373,"7%",17474,13221,2985,478,44969,3816,12123 "HU",457,"8%",1516,1138,5,797,76212,6489,20522 "BY",12,"8%",0,0,0,743,21473,908,158 "LU",85,"10%",4897,0,0,2860,18485,184,377351 "KZ",34,"11%",441,1,0,10732,15275,3390,948 "NO",406,"12%",180,167,0,460,49942,897,17782 "PA",96,"13%",3401,2,233,1260,440325,711,268142 "IE",101,"14%",42,392,0,2212,116538,3838,9051 "SE",918,"18%",1888,5152,4676,41092,197531,4267,50020 "PY",5,"20%",174,3036,194,153,91012,632,149 "ID",87,"25%",15,124,0,4323,136910,2503,5475 "CZ",66,"25%",1256,3509,0,897,41265,2776,26204 "NL",1861,"27%",532872,3857,53,98788,249788,4493,411321 "PT",35,"31%",244,88,0,258,45355,4584,19505 "AT",76,"32%",414,316,127,1705,60264,3009,17300 "PL",180,"35%",203,870,80,2299,179072,48108,128213 "UK",1186,"38%",95018,30956,3685,46780,466618,34686,613851 "VN",13,"38%",0,10,0,252,18647,1239,2114 "FR",601,"39%",6127,121500,1184,14504,196601,46805,174178 "ES",99,"39%",567,837,3415,3553,297581,17315,162765 "CA",1312,"40%",6042,28037,530336,166339,239277,10964,1808230
<< | Reports | >>
