Over 1,250 C2 Servers Discovered in Russian Hosting Infrastructure
Severity: High (Score: 70.5)
Sources: Cybersecuritynews, Gbhackers
Summary
Cybersecurity researchers have identified a network of over 1,250 command-and-control (C2) servers operating within Russia's commercial hosting ecosystem. The servers were observed over a three-month period, from January 1 to April 1, 2026, and are spread across 165 different infrastructure providers. The analysis used tools like Host Radar and HuntSQL to map these servers, revealing a significant and organized cyber threat. The C2 servers are likely being used to facilitate various cybercriminal activities, although specific attack methods or vectors were not detailed in the articles. The scope of the impact is substantial, given the number of providers involved and the potential for widespread exploitation. The servers currently remain active, posing ongoing risks to cybersecurity. The findings highlight the need for enhanced monitoring and defensive measures in the region.

Key Points:
• 1,250+ C2 servers identified across 165 Russian hosting providers.
• Research conducted from January 1 to April 1, 2026.
• Tools like Host Radar and HuntSQL were used for mapping the servers.