Malware C2 Tracker
Tracking active malware infrastructure: C2 servers that malware phones home to, and distribution hosts that deliver payloads. Updated daily from sandbox analysis and community threat intel.
189
Families Tracked (7d)
1,050
Active C2 Hosts (7d)
1,420
Active Distribution Hosts (7d)
C2 Infrastructure Type (7d)
Hosting43%(910)
No DNS37%(789)
Unresolved5%(114)
ISP4%(92)
Sinkholed3%(66)
Unregistered3%(62)
Suspended2%(45)
Unknown1%(27)
Business1%(19)
Education0%(2)
Distribution Infrastructure Type (7d)
No DNS46%(1,442)
ISP41%(1,279)
Unresolved8%(241)
Hosting4%(134)
Sinkholed1%(22)
Business0%(7)
Suspended0%(1)
Top C2 Hosting Countries (7d)
CountryHosts
- 1🇺🇸 US383
- 2🇩🇪 DE89
- 3🇷🇺 RU57
- 4🇭🇰 HK49
- 5🇨🇳 CN40
- 6🇬🇧 GB38
- 7🇳🇱 NL29
- 8🇨🇦 CA19
- 9🇸🇨 SC17
- 10🇫🇮 FI13
Top C2 Hosting Providers (7d)
ProviderHosts
- 1DigitalOcean, LLC183
- 2Hetzner Online GmbH55
- 3HostPapa24
- 4The Constant Company, LLC23
- 5Podaon SIA20
- 6Hangzhou Alibaba Advertising Co.,Ltd.20
- 7Omegatech LTD18
- 8Amazon.com, Inc.12
- 912651980 CANADA INC.12
- 10GLOBAL CONNECTIVITY SOLUTIONS LLP12
Top Distribution Countries (7d)
CountryHosts
- 1🇨🇳 CN244
- 2🇮🇳 IN82
- 3🇵🇰 PK81
- 4🇵🇭 PH19
- 5🇺🇸 US19
- 6🇷🇺 RU9
- 7🇳🇱 NL7
- 8🇪🇹 ET7
- 9🇩🇪 DE5
- 10🇬🇧 GB5
Top Distribution Providers (7d)
ProviderHosts
- 1CHINA UNICOM China169 Backbone208
- 2National Internet Backbone76
- 3National WiMAX/IMS environment76
- 4CHINANET-BACKBONE28
- 5Globe Telecom Inc.19
- 6Ethio Telecom7
- 7China Unicom IP network China169 Guangdong province5
- 8HOSTKEY B.V.4
- 9DigitalOcean, LLC4
- 10Omegatech LTD4