14,932
edits
Changes
Jump to navigation
Jump to search
Line 33:
Line 33: − + − :*Key figures: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→2021 Cybercrime Reports
* [[Spamhaus]]'s 2021 Q2 Report<ref>[https://www.spamhaus.org/news/article/813/spamhaus-botnet-threat-update-q2-2021 Botnet Update,Spamhaus]</ref> <br/>
* [[Spamhaus]]'s 2021 Q2 Report<ref>[https://www.spamhaus.org/news/article/813/spamhaus-botnet-threat-update-q2-2021 Botnet Update,Spamhaus]</ref> <br/>
This report focused on [[Botnet Attacks|botnet]] [[Command and Control]] activity and compared the findings from Q1 with Q2.
This report focused on [[Botnet Attacks|botnet]] [[Command and Control]] activity and compared the findings from Q1 with Q2. Key figures:
# A 594% increase of newly registered botnet C&C domains at [[NameSilo]]! This sudden uptick knocked [[Namecheap]] out of first place.
# A 594% increase of newly registered botnet C&C domains at [[NameSilo]]! This sudden uptick knocked [[Namecheap]] out of first place.
# Working with the [[FBI]], Spamhaus discovered 1.3 million compromised email accounts; 22,000 compromised domains; and 3,000 compromised networks.
# Working with the [[FBI]], Spamhaus discovered 1.3 million compromised email accounts; 22,000 compromised domains; and 3,000 compromised networks.
# The three hosting providers with the largest abuse problems and/or worst [[DNS Abuse responses|responses]] to abuse reports are [[Ipjetable]], [[Google]], and [[Microsoft]]. <br/>
Other significant Spamhaus findings:
{| class="wikitable"
! Top 20 Most Commonly Used Malware Families (ranked) !! Function !! Most Commonly Attacked TLDs (ranked) !! Top 20 Geo-Locations of C&C Botnet Servers (ranked)
|-
| Raccoon || dropper || [[.com]] || U.S.
|-
| RedLine || RAT || [[.xyz]] || Russia
|-
| AsyncRAT || Credential Stealer || [[.buzz]] || Netherlands
|-
| Loki || RAT || [[.top]] || Germany
|-
| Gozi || RAT || [[.br]] || France
|-
| BitRAT || Credential Stealer || [[.vip]] || Latvia
|-
| Oski || RAT || [[.org]] || U.K.
|-
| VjWOrm || Credential Stealer || [[.ru]] || Ukraine
|-
| NjRAT || Credential Stealer || [[.net]] || Switzerland
|-
| RemcosRAT || e-banking Trojan || [[.cloud]] || Seychelles
|-
| NanoCore || RAT || [[.tk]] || Czech Republic
|-
| AgentTesla || RAT || [[.cn]] || Moldova
|-
| Tofsee || RAT || [[.eu]] || Panama
|-
| Arkei || RAT || [[.ga]] || Canada
|-
| STRRAT || credential Stealer || [[.ml]] || Malaysia
|-
| CryptoBot || credential Stealer || [[.online]] || Poland
|-
| CobaltStrike || RAT || [[.live]] || Finland
|-
| ServeHelper || credential Stealer || [[.su]] || Vietnam
|-
| IcedID || dropper || [[.info]] || Turkey
|-
| QuasarRAT || dropper || [[.cf]] || Brazil
|}
==Organizations==
==Organizations==