China, US Top List Of Countries With Most Malicious IPs

LASER_oneXM

Feb 4, 2016
Brazil has 20% more risky IPs than Russia, Recorded Future's analysis shows.

New research by threat intelligence firm Recorded Future has yielded some surprising insights on risky IP addresses, their distribution around the world, and how organizations can protect against them.

Recorded Future tied four million known bad IP addresses back to the network operators to which they belonged in order to try and understand the risk posed by each operator. Each of the IPs in the list was known to be either currently or historically risky and was associated with behavior that ranged from "unusual" to "very malicious."

The four million IPs that Recorded Future analyzed traced back to a total of 26,581 Autonomous System Numbers (ASNs), which are unique numbers for identifying the IP subnets managed by different operators.

US Dominates


When Recorded Future looked at ASNs with the highest number of IPs associated with command and control activity, the US dominated the charts. The top three ASNs in this category were located in the US, while there were four ASNs overall in the top 10 list. The same result emerged when Recorded Future inspected IP addresses that were hardcoded into malware samples.


One explanation of why malicious activity is based in the US and countries like Canada and the UK is because threat actors want to make their traffic appear as innocent as possible, Recorded Future conjectures.
 

ispx

Jun 21, 2017
Thank you for another extremely informative piece of news, @LASER_oneXM.

Allow me to quote some more from the same source:

Russia, which in recent months has been accused of a wide range of malicious activity, had a relatively low level of risky IP addresses, suggesting that bad actors there are exploiting infrastructure in other countries. Surprisingly, Brazil had 20% more risky IP addresses than Russia, while a group of Asian countries including Korea, Thailand, Vietnam, and India had two times as many bad IPs as Russia and Ukraine.

The US, which is often regarded as safer than many other countries, actually had the second highest number of bad IPs - second to China. But the IP addresses in the US were distributed across 360% more IPs in total than China.

I guess that should bring an end to the China / Russia bashing that usually happens in such scenarios.
 
