Malware C2 Tracker
Tracking active malware infrastructure: C2 servers that malware phones home to, and distribution hosts that deliver payloads. Updated daily from sandbox analysis and community threat intel.
266
Families Tracked (7d)
1,682
Active C2 Hosts (7d)
2,490
Active Distribution Hosts (7d)
C2 Infrastructure Type (7d)
Hosting41%(1,520)
No DNS30%(1,099)
Unresolved16%(577)
Suspended3%(123)
ISP3%(107)
Sinkholed3%(104)
Unregistered2%(91)
Unknown1%(29)
Business1%(24)
Education0%(2)
Distribution Infrastructure Type (7d)
Hosting40%(1,297)
ISP37%(1,183)
No DNS20%(655)
Unresolved3%(88)
Business0%(8)
Unknown0%(2)
Unregistered0%(2)
Suspended0%(2)
Top C2 Hosting Countries (7d)
CountryHosts
- 1🇺🇸 US769
- 2🇳🇱 NL171
- 3🇭🇰 HK123
- 4🇨🇳 CN123
- 5🇩🇪 DE111
- 6🇸🇬 SG60
- 7🇷🇺 RU52
- 8🇬🇧 GB42
- 9🇫🇷 FR23
- 10🇯🇵 JP19
Top C2 Hosting Providers (7d)
ProviderHosts
- 1Cloudflare, Inc.523
- 2DigitalOcean, LLC70
- 3Amazon.com, Inc.60
- 4HostPapa56
- 5Hetzner Online GmbH49
- 6Hangzhou Alibaba Advertising Co.,Ltd.42
- 7Shenzhen Tencent Computer Systems Company Limited36
- 8Akamai Connected Cloud30
- 9Google LLC28
- 10Alibaba (US) Technology Co., Ltd.25
Top Distribution Countries (7d)
CountryHosts
- 1🇺🇸 US1,135
- 2🇨🇳 CN900
- 3🇵🇰 PK80
- 4🇳🇱 NL44
- 5🇩🇪 DE37
- 6🇸🇬 SG26
- 7🇮🇳 IN24
- 8🇿🇦 ZA21
- 9🇮🇩 ID20
- 10🇷🇺 RU18
Top Distribution Providers (7d)
ProviderHosts
- 1Cloudflare, Inc.1,071
- 2CHINA UNICOM China169 Backbone812
- 3CHINANET-BACKBONE73
- 4National WiMAX/IMS environment51
- 5Telkom SA Ltd.21
- 6National Internet Backbone18
- 7PT Telekomunikasi Indonesia17
- 81337 Services GmbH17
- 9Cyber Internet Services (Pvt) Ltd.16
- 10Tencent Building, Kejizhongyi Avenue14