Malware C2 Tracker
Tracking active malware infrastructure: C2 servers that malware phones home to, and distribution hosts that deliver payloads. Updated daily from sandbox analysis and community threat intel.
262
Families Tracked (7d)
1,570
Active C2 Hosts (7d)
2,532
Active Distribution Hosts (7d)
C2 Infrastructure Type (7d)
No DNS38%(1,639)
Hosting32%(1,390)
Unresolved15%(656)
Suspended5%(211)
Sinkholed4%(162)
Unregistered3%(123)
ISP3%(110)
Unknown1%(54)
Business0%(14)
Education0%(2)
Distribution Infrastructure Type (7d)
Hosting41%(1,325)
ISP37%(1,201)
No DNS19%(627)
Unresolved2%(65)
Suspended0%(5)
Business0%(4)
Unknown0%(2)
Unregistered0%(2)
Top C2 Hosting Countries (7d)
CountryHosts
- 1🇺🇸 US771
- 2🇳🇱 NL167
- 3🇩🇪 DE119
- 4🇭🇰 HK91
- 5🇬🇧 GB68
- 6🇷🇺 RU56
- 7🇸🇬 SG42
- 8🇨🇳 CN35
- 9🇫🇷 FR27
- 10🇫🇮 FI22
Top C2 Hosting Providers (7d)
ProviderHosts
- 1Cloudflare, Inc.589
- 2Hetzner Online GmbH58
- 3DigitalOcean, LLC51
- 4Amazon.com, Inc.51
- 5Akamai Connected Cloud31
- 6HostPapa29
- 7Omegatech LTD27
- 8OVH SAS24
- 9Google LLC21
- 1012651980 CANADA INC.15
Top Distribution Countries (7d)
CountryHosts
- 1🇺🇸 US1,161
- 2🇨🇳 CN898
- 3🇵🇰 PK81
- 4🇳🇱 NL48
- 5🇩🇪 DE34
- 6🇮🇳 IN30
- 7🇸🇬 SG25
- 8🇿🇦 ZA25
- 9🇷🇺 RU23
- 10🇮🇩 ID21
Top Distribution Providers (7d)
ProviderHosts
- 1Cloudflare, Inc.1,105
- 2CHINA UNICOM China169 Backbone812
- 3CHINANET-BACKBONE70
- 4National WiMAX/IMS environment53
- 5Telkom SA Ltd.24
- 6National Internet Backbone22
- 7PT Telekomunikasi Indonesia18
- 8Cyber Internet Services (Pvt) Ltd.16
- 91337 Services GmbH15
- 10Globe Telecom Inc.14