First and foremost; Happy new year 2023 !
A new year celebration is not complete without a recap of the previous year. So here it is, graphics and compilation of what was seen by the C2 tracker in 2022.
A total of 979 Live C2 panels were registered in the tracker from January to December 2022. The panels were spread across 56 malware families. Some big malware name left the trakcer while new families made it in.
TOP10 of malware names
| Malware | Volume |
|---|---|
| Collector | 179 |
| AgentTesla | 145 |
| Oski | 97 |
| Amadey | 86 |
| Keitaro | 77 |
| Mars | 68 |
| Aurora | 58 |
| Lokibot | 54 |
| Azorult | 28 |
| Gomorrah | 21 |
TOP10 Hosting Country
| Country | Volume |
|---|---|
| Russia | 386 |
| United States | 230 |
| NetherLand | 68 |
| Germany | 50 |
| Vietnam | 41 |
| Luxembourg | 19 |
| Bulgaria | 16 |
| Sechelles | 14 |
| United Kingdom | 13 |
| KAzakhstan | 12 |
Top10 Hosting IP addresses
| IP address | Volume | AS Name |
|---|---|---|
| 185.179.188.139 | 77 | WEBHOST1-AS |
| 141.8.197.42 | 59 | SPRINTHOST |
| 103.151.122.110 | 40 | VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP |
| 141.8.192.151 | 26 | SPRINTHOST |
| 141.8.193.236 | 18 | SPRINTHOST |
| 198.251.89.144 | 13 | PONYNET |
| 142.4.0.135 | 10 | UNIFIEDLAYER-AS-1 |
| 144.76.115.36 | 8 | HETZNER-AS |
| 141.8.192.169 | 7 | SPRINTHOST |
| 141.8.192.58 | 6 | SPRINTHOST |
TOP10 Hostnames
| Hostname | Volume |
|---|---|
| 103.151.122.110 | 40 |
| sempersim.su | 16 |
| agusanplantation.com | 13 |
| 136.144.41.76 | 6 |
| renox.lol | 6 |
| 208.67.105.161 | 6 |
| 171.22.30.164 | 6 |
| update1.com | 5 |
| 107.189.4.253 | 5 |
| cq65758.tmweb.ru | 4 |
Article Link: 2022 C2 Tracker Recap in Graphics – ViriBack Blog