Throughout 2022, SEKOIA.IO’s Threat & Detection Research (TDR) team continued to proactively track and monitor the Command & Control (C2) infrastructures set up and used by cybercriminal or state sponsored intrusion sets to carry out malicious cyber activities. Our analysts identified more than 65,000 IP addresses used as C2 servers in 2022, an increase of almost 50% compared to 2021. These IP addresses were found through more than 1,200 searches of internet scan results for more than 180 threats.
We published details of 2022 numbers in our FLINT 2023-002 - Command & Control infrastructures tracked by SEKOIA.IO in 2022