Irish Information Security Forum

2022 Adversary Infrastructure Report

Source: Recorded Future


Recorded Future


December , 2022

Recorded Future’s Insikt Group® conducted a study of malicious command-and-control (C2) infrastructure identified using proactive scanning and collection methods throughout 2022. All data was sourced from the Recorded Future® Platform and is current as of September 1, 2022.


Executive Summary
Recorded Future tracks the creation and modification of new malicious infrastructure for a multitude of
post-exploitation toolkits, custom malware, and open-source remote access trojans (RATs). Recorded Future observed over 17,000 unique command-and-control (C2) servers during 2022, which is up 30% from last year. Much like 2021, their collection in 2022 was dominated by Cobalt Strike team servers, botnet families including IcedID and QakBot, and popular RATs such as PlugX.

Read the report

cyber threat adversary infrastructure report 2022




If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland



We would like to thank these generous sponsors for their support. 

crowdstrike logo

zscaler logo



Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more


secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy Statement  - Sponsorship  - Cybersecurity News Topics  - Cybersecurity Resources  - Produced by
LinkedIn Twitter