Sign in Subscribe
analytics

Hack Attempts Stats

Some stats on the latest hack attempts of my own server hosting various community online services.

Hintea Dan Alexandru

3 min read
Hack Attempts Stats
Image source: https://phishingtackle.com/articles/who-attack-failed/

TOP Per Country

  1. 🇨🇳 CN - China (243 IPs)
  2. 🇩🇪 DE - Germany (140 IPs)
  3. 🇺🇸 US - United States of America (87 IPs)
  4. 🇷🇺 RU - Russian Federation (67 IPs)
  5. 🇬🇧 GB - United Kingdom of Great Britain and Northern Ireland (41 IPs)
  6. 🇳🇱 NL - Netherlands (40 IPs)
  7. 🇻🇳 VN - Viet Nam (35 IPs)
  8. 🇫🇷 FR - France (33 IPs)
  9. 🇭🇰 HK - Hong Kong (32 IPs)
  10. 🇧🇷 BR - Brazil (29 IPs)
  11. 🇮🇩 ID - Indonesia (25 IPs)
  12. 🇺🇦 UA - Ukraine (22 IPs)
  13. 🇰🇷 KR - Korea (Republic of) (21 IPs)
  14. 🇮🇳 IN - India (20 IPs)
  15. 🇸🇬 SG - Singapore (18 IPs)
  16. 🇲🇽 MX - Mexico (17 IPs)
  17. 🇲🇦 MA - Morocco (17 IPs)
  18. 🇮🇷 IR - Iran (Islamic Republic of) (17 IPs)
  19. 🇵🇰 PK - Pakistan (14 IPs)
  20. 🇵🇱 PL - Poland (14 IPs)
  21. ... 67 more

TOP Per Country + ISP

  1. 🇩🇪 Contabo GmbH - DE - Germany (63 IPs)
  2. 🇨🇳 China Mobile Communications Corporation - CN - China (26 IPs)
  3. 🇨🇳 Tencent Cloud Computing (Beijing) Co. Ltd. - CN - China (24 IPs)
  4. 🇫🇷 OVH SAS - FR - France (19 IPs)
  5. 🇨🇳 Tencent Cloud Computing (Beijing) Co. Ltd - CN - China (19 IPs)
  6. 🇲🇦 Maroc Telecom - MA - Morocco (17 IPs)
  7. 🇷🇺 LIR Limited - RU - Russian Federation (17 IPs)
  8. 🇨🇳 ChinaNet Guangdong Province Network - CN - China (17 IPs)
  9. 🇮🇩 PT Telkom Indonesia - ID - Indonesia (17 IPs)
  10. 🇨🇳 ChinaNet Yunnan Province Network - CN - China (16 IPs)
  11. 🇨🇳 ChinaNet Shandong Province Network - CN - China (14 IPs)
  12. 🇺🇸 rdpdaddy.com - US - United States of America (14 IPs)
  13. 🇭🇰 Contabo GmbH - HK - Hong Kong (14 IPs)
  14. 🇰🇷 KT Corporation - KR - Korea (Republic of) (14 IPs)
  15. 🇳🇱 Alexander Valerevich Mokhonko - NL - Netherlands (14 IPs)
  16. 🇨🇳 Shanghai UCloud Information Technology Company Limited - CN - China (10 IPs)
  17. 🇪🇬 TE Data - EG - Egypt (9 IPs)
  18. 🇩🇪 Tube Hosting - DE - Germany (9 IPs)
  19. 🇻🇳 Vietnam Posts and Telecommunications Group - VN - Viet Nam (8 IPs)
  20. 🇬🇧 Contabo GmbH - GB - United Kingdom of Great Britain and Northern Ireland (8 IPs)
  21. 🇹🇼 Chunghwa Telecom Co. Ltd. - TW - Taiwan (Province of China) (8 IPs)
  22. 🇺🇸 Google LLC - US - United States of America (8 IPs)
  23. 🇬🇧 British Telecommunications PLC - GB - United Kingdom of Great Britain and Northern Ireland (8 IPs)
  24. 🇧🇪 FlyServers S.A. - BE - Belgium (7 IPs)
  25. 🇨🇳 ChinaNet Zhejiang Province Network - CN - China (7 IPs)
  26. 🇨🇳 ChinaNet Jiangsu Province Network - CN - China (7 IPs)
  27. 🇩🇪 SC Lithuanian Radio and TV Center - DE - Germany (7 IPs)
  28. 🇷🇺 Express Courier LLC - RU - Russian Federation (6 IPs)
  29. 🇨🇳 ChinaNet Fujian Province Network - CN - China (6 IPs)
  30. 🇵🇭 Philippine Long Distance Telephone Company - PH - Philippines (6 IPs)
  31. 🇨🇳 Aliyun Computing Co. Ltd - CN - China (6 IPs)
  32. 🇩🇪 Privax Ltd - DE - Germany (6 IPs)
  33. 🇩🇪 AVAST Slovakia s.r.o. - DE - Germany (5 IPs)
  34. 🇳🇱 Veraton Projects Ltd. - NL - Netherlands (5 IPs)
  35. 🇲🇽 Uninet - MX - Mexico (5 IPs)
  36. 🇨🇳 ChinaNet Jiangxi Province Network - CN - China (5 IPs)
  37. 🇧🇿 FlyServers S.A. - BZ - Belize (5 IPs)
  38. 🇷🇺 IPX - FZCO - RU - Russian Federation (5 IPs)
  39. 🇨🇳 ChinaNet Shanghai Province Network - CN - China (5 IPs)
  40. 🇮🇳 Bharti Airtel Ltd. - IN - India (5 IPs)
  41. 🇬🇧 Information & Computing Center Ltd. - GB - United Kingdom of Great Britain and Northern Ireland (5 IPs)
  42. 🇨🇳 Shenzhen Qianhai bird cloud computing Co. Ltd. - CN - China (4 IPs)
  43. 🇩🇪 Hetzner Online GmbH - DE - Germany (4 IPs)
  44. 🇨🇳 ChinaNet Hubei Province Network - CN - China (4 IPs)
  45. 🇩🇪 DataDelivery s.r.o. - DE - Germany (4 IPs)
  46. 🇲🇽 Gestion de Direccionamiento Uninet - MX - Mexico (4 IPs)
  47. 🇺🇸 ColoCrossing - US - United States of America (4 IPs)
  48. 🇨🇳 China Unicom Henan Province Network - CN - China (4 IPs)
  49. 🇷🇺 OOO Network of Data-Centers Selectel - RU - Russian Federation (4 IPs)
  50. 🇺🇸 OVH US LLC - US - United States of America (4 IPs)
  51. ... 499 more

Some Context

  • Hack Attempt Logs are from the last two months (Mid-November '23 to Mid-January '24).
  • IP geographic location details acquired via https://www.iplocation.net/.
  • My attacked server's data center is located 📍 in Germany, Europe 🇩🇪.
  • Some traffic was most likely routed through legit countries and ISPs even though it originated from sketch ones 🇷🇺🔀🇺🇸. Even more so since I progressively blocked malicious IP ranges. This would explain high traffic from such countries, especially from Germany since that's the location of my server.
  • Attempts were of brute-force kind (credentials trial-and-error). Targeting server login (ssh, mstsc), database login (sqlserver, mysql, oracle, postgres, etc.) and such.