Russia (RU) Threat Intelligence

RU

Russia has 101,676 malicious IP addresses with 2,410,264 abuse reports. Top threat categories include ssh bruteforce, generic bruteforce, rdp bruteforce, web attack, botnet c2. Top attacking networks: Rostelecom (8,413 IPs), Biterika Group LLC (5,470 IPs), JSC Selectel (4,987 IPs). Data collected since 2022-08-23, last activity 2026-04-16.

Threat Assessment: Russia is one of the most significant sources of cyber threats globally, with an exceptionally high volume of malicious IP addresses. The dominant attack types are ssh bruteforce, generic bruteforce, rdp bruteforce. The majority of threats originate from networks operated by Rostelecom and Biterika Group LLC.

Total Reports
2,410,264
Unique IPs
101,676
First Seen
2022-08-23
Last Activity
2026-04-16

Top Threat Categories

Ssh Bruteforce 8,261
Generic Bruteforce 1,485
Rdp Bruteforce 313
Web Attack 176
Botnet C2 57

Top Attacking Networks

AS12389 Rostelecom
8,413 IPs
AS35048 Biterika Group LLC
5,470 IPs
AS49505 JSC Selectel
4,987 IPs

Most Reported IPs in Russia

176.120.22.13 2,361 reports
45.135.232.92 1,785 reports
176.120.22.47 1,439 reports
45.140.17.124 911 reports
176.120.22.17 791 reports

Access this data via API

Get Russia threat intelligence programmatically.

curl https://ip.wayscloud.services/api/country/RU

View full API documentation

See how we classify and verify threats →

Check any IP from Russia

Look up threat intelligence for a specific IP address.

Related: Country Threat Ranking Country Risk Trends → Top Malicious IPs → AS12389 Intelligence AS35048 Intelligence AS49505 Intelligence Global Attack Trends Detect Malicious Traffic

Loading threat intelligence data...