Malware C2 Tracker
Tracking active malware infrastructure: C2 servers that malware phones home to, and distribution hosts that deliver payloads. Updated daily from sandbox analysis and community threat intel.
212
Families Tracked (7d)
1,053
Active C2 Hosts (7d)
1,954
Active Distribution Hosts (7d)
C2 Infrastructure Type (7d)
Hosting42%(895)
No DNS36%(767)
Sinkholed7%(149)
ISP5%(108)
Unregistered4%(90)
Unresolved3%(72)
Unknown2%(34)
Suspended1%(18)
Business1%(15)
Education0%(1)
Distribution Infrastructure Type (7d)
ISP44%(1,200)
No DNS28%(770)
Hosting27%(747)
Business0%(5)
Suspended0%(4)
Unresolved0%(3)
Education0%(1)
Unknown0%(1)
Top C2 Hosting Countries (7d)
CountryHosts
- 1🇺🇸 US397
- 2🇩🇪 DE95
- 3🇷🇺 RU76
- 4🇳🇱 NL68
- 5🇬🇧 GB45
- 6🇭🇰 HK43
- 7🇨🇳 CN31
- 8🇦🇪 AE22
- 9🇫🇷 FR21
- 10🇫🇮 FI17
Top C2 Hosting Providers (7d)
ProviderHosts
- 1Cloudflare, Inc.180
- 2Hetzner Online GmbH56
- 3Amazon.com, Inc.33
- 4Google LLC23
- 5SERVERS TECH FZCO22
- 6Omegatech LTD20
- 7HostPapa17
- 8Podaon SIA16
- 9NEON CORE NETWORK LLC13
- 10Amazon.com, Inc.13
Top Distribution Countries (7d)
CountryHosts
- 1🇺🇸 US672
- 2🇨🇳 CN651
- 3🇮🇳 IN170
- 4🇵🇰 PK161
- 5🇵🇭 PH38
- 6🇷🇺 RU27
- 7🇳🇱 NL22
- 8🇮🇩 ID18
- 9🇸🇪 SE18
- 10🇪🇹 ET17
Top Distribution Providers (7d)
ProviderHosts
- 1Cloudflare, Inc.625
- 2CHINA UNICOM China169 Backbone550
- 3National Internet Backbone152
- 4National WiMAX/IMS environment150
- 5CHINANET-BACKBONE70
- 6Globe Telecom Inc.37
- 7China Unicom IP network China169 Guangdong province19
- 8Ethio Telecom17
- 9PT Telekomunikasi Indonesia16
- 10Telkom SA Ltd.15