HostExploit New Report: ‘Top 50 Bad Hosts and Networks’ Q4 2011 'Hosts: Victims of Cybercrime?'

In ‘Top 50 Bad Hosts and Networks Report’ Q4 2011 HostExploit focuses on malicious internet activity served from nearly 40,000 public Autonomous Systems worldwide. Special features include the ‘Pocket Botnet’ and the Dirt Jumper DDoS botnets.
Spread the Word
Listed Under

Internet Security


Sarasota - Florida - US

Jan. 24, 2012 - PRLog -- HostExploit’s (HE) Q4 2011 ‘Top 50 Bad Host and Networks’ report (, released today, provides a quantitative analysis of all hosts and networks worldwide on the basis that all cybercrime is hosted, served, and transmitted by a host or a network operation. It is co-published with Group-IB, who operates CERT-GIB – the first private computer emergency response team in Russia.

Throughout 2011, internet users faced numerous threats as organizations large and small fell foul to attacks on their systems leading to several commentators branding 2011 as ‘the year of the data breach’. There were some truly shocking revelations about large-scale data breaches with many questions still outstanding on the ‘who, where and why.’ The year ended as it began with yet another data breach of epic proportions, with more than 75,000 credit card numbers and 850,000 usernames and passwords being stolen from strategic forecaster ‘Stratfor’.

New threats in 2011 included the appearance of the first smartphone infections with botnet-like attributes to bring the reality of a ‘pocket botnet’ ever closer. 2012 will see more of the same as the popularity of the smartphone, as the device of choice for accessing the internet, continues to increase and ensures that cybercriminals will make it their target in pursuit of financial gain. There is a special feature on this subject in  HE’s Q4 2011 report (

Featured too in the report is an overview of the analysis performed on the ‘Dirt Jumper’ DDoS botnet by newly-formed security group DeepEnd Research – a fusion of independent, experienced and highly-respected  researchers.

As a regular feature, the HE Bad Hosts report identifies which hosts have the most malicious activities in terms of delivering botnets, spam, phishing, exploits, viruses, etc., via their servers. Each category has its own clearly reported analysis which, when combined, gives an overview on where internet badness is located.

Highlights from the Q4 2011 report include a new “#1 Bad Host”: Lithuanian (LT) AS47583 Hosting Media supporting some of the worst types of threats including several botnet-related activities such as Zeus as well as C&C servers, exploit servers, phishing servers, malware and badware.

It is our opinion that publicizing information in this fashion helps service providers to gauge their own levels of ‘badness’, to compare their performance against other providers and serves as an alert or early warning about a problem that time-pressured hosting providers may have overlooked.

Additionally, HE firmly believes it makes sense for hosting providers to be proactive and to engage in self-regulation. After all, it makes no economic sense to gain a bad reputation.

By highlighting the ‘bad’ hosts, who put money before concern for the safety of Internet users, we can raise awareness among webmasters and domain owners. Armed with this information they can make an informed decision about where to host their websites. Hosting providers will thus be provided with an incentive to stay clean in a highly competitive market.

Further analysis on individual Autonomous Systems (ASN), for example AS47583 Hosting Media, can be downloaded from our website

Note: Every reasonable effort has been made to assure that the source data for this report was up to date, accurate, complete and comprehensive at the time of the analysis.

About (

HostExploit provides open source intelligence on cyber security issues and cybercriminal operations. In providing analysis of all the public Internet servers worldwide the quarterly Top Bad Hosts reports and daily SiteVet updates aim to maximize the awareness for hosts, registrars, governmental and cyber security researchers.

About Group-IB (

Group-IB is Russia and the CIS’s (Commonwealth of Independent States) leading computer security company, specializing in the investigation of computer crime, information security breaches, and computer forensics.

On the basis of Group-IB, CERT-GIB operates as the first private computer emergency response team in Russia. CERT-GIB provides the client with comprehensive support in minimizing informational risks, consisting of technical, organizational, and legal advice.

# # #

HostExploit provides open source intelligence on cyber security issues and cybercriminal operations. The aim is to maximize the awareness for hosts, registrars, governmental and cyber security researchers.
Source:Bryn Thompson & Bogdan Vovchenko
Email:*** Email Verified
Phone:702 425 6183
Zip:FL 34238
Tags:Cybercrime, Internet Security, Botnets, Ddos, Hosts
Industry:Internet, Security, Computers
Location:Sarasota - Florida - United States
Account Email Address Verified     Account Phone Number Verified     Disclaimer     Report Abuse
HostExploit PRs
Trending News
Top Daily News
Top Weekly News

Like PRLog?
Click to Share