Reports

HostExploit presents the latest report on the Top 50 Bad Hosts and Networks, for Q4 2011.

There is one common denominator in cybercrime – it is hosted, served, or trafficked by some host or network operator somewhere. It could be assumed that such a succinct, yet true, statement should yield, in return, an equally concise solution. In fact, it provides only a place to start, albeit a very good one, in the complex world of cybercrime.

It has been a few years since the HostExploit "Top 50 Bad Hosts and Networks" reports began, during which time we have published, each quarter, the results of our analysis on all the world’s publicly-announced Autonomous Systems (ASes) which are serving and delivering, unwittingly or otherwise, malicious activities.

Luckily, we are not alone in seeing the value in presenting this comparative data (see report for a full list of our community partners). Through a range of charts and tables we give an overview on where internet badness is located. The aim is to encourage service providers to "clean up" and to be proactive in stopping the cybercriminal activities found on their servers.

Also, once again, Group-IB, Russia and the CIS’s leading computer security company (specializing in the investigation of computer crime, information security breaches, and computer forensics) collaborated with us to publish our report in both English and Russian.

HostExploit is pleased to present the next report in the Top 50 Bad Hosts & Networks series, for the period of 2011 Q3. For the second consecutive quarter, the report is published in collaboration with Russian security company Group-IB. Both English and Russian versions of the report are available to download now:

Download the English report (PDF) here.

Download the Russian report (PDF) here.

Download the Russian report (PDF) here from Group-IB.

This year has been characterized by frequent reports of hacks and data breaches with little change in Q3 2011 in a seemingly never ending outflow of data from organizations struggling to cope with the demands of ever changing technologies.

Social engineering is now acknowledged as a leading threat to organizations and businesses of all sizes with many lacking the resources to control this multi-faceted problem. The rise of personal gadgets used within the workplace brings its own set of problems too. Key to countering cybercrime in its many forms and guises is to raise awareness and to educate users/employees/IT personnel about current threats and the places that they are likely to come from.

The Q2 Top 50 Bad Hosts & Networks report encompasses analysis on all 38,030 currently advertised and commercial hosts (ASNs), focusing on the 50 worst offenders. HostExploit is pleased to announce that for the first time, and in collaboration with Group iB, the report is published in English and Russian with both versions available as free downloads. In addition, registration is no longer required to view the public reports.

Download the English report (PDF) here.

Download the Russian report (PDF) here.

Download the Russian report (PDF) here from Group iB.

In a quarter dominated by press stories from self-publicizing hackers such as Anonymous and LulzSec, matched with DDoS attacks and data exfiltration by others, it is easy to overlook the more widespread problems – as an example, there were around 350,000 website defacement hacks in this quarter and 1.5 million in 2010. Additionally, there are currently 800,000 plus web sites hosting malicious exploits and badware.

HostExploit is pleased to present the Q1 2011 report on the Top 50 Bad Hosts and Networks, taking a look at recent notable events such as the LizaMoon SQL attacks and the takedown of the Rustock botnet.

Download the two page summary (PDF) here and the full report (PDF) here.

In addition to HostExploit’s regular quarterly analysis of the world’s worst hosts for malicious activity – including spam, botnets, badware, phishing attacks and infections – the report looks at the fallout of major hacks and intrusions in the industry and what it means for the hosts themselves. Other pertinent topics such as Advanced Persistent Threats (APT), mobile malware and 32-bit ASNs are discussed.

The HostExploit (HE) series on worldwide cybercriminal activities continues in the Q4 2010 Report on the ‘Top 50 Bad Hosts and Networks’. The emphasis this quarter is on the repeat offending of some hosting providers.

Download the two page summary (PDF) here and the full report here.

VolgaHost AS29106 is no stranger to the Top 50 reports, having been in the top 10 for the entire 6 months prior to this quarter. And yet the effective badness levels have continued to rise to now take the #1 rank. Particularly prevalent on VolgaHost are Zeus servers and infected web sites.