Russia (RU) Threat Intelligence

RU

Russia has 142,762 malicious IP addresses with 3,454,394 abuse reports. Top threat categories include suspicious activity, severe abuse, professional threat, ssh bruteforce, moderate threat. Top attacking networks: Rostelecom (12,210 IPs), Biterika Group LLC (7,022 IPs), JSC Selectel (7,007 IPs). Data collected since 2022-08-23, last activity 2026-07-05.

Threat Assessment: Russia is one of the most significant sources of cyber threats globally, with an exceptionally high volume of malicious IP addresses. The dominant attack types are suspicious activity, severe abuse, professional threat. The majority of threats originate from networks operated by Rostelecom and Biterika Group LLC.

Total Reports
3,454,394
Unique IPs
142,762
First Seen
2022-08-23
Last Activity
2026-07-05

Top Threat Categories

Suspicious Activity 103,142
Severe Abuse 28,860
Professional Threat 20,377
Ssh Bruteforce 12,188
Moderate Threat 9,155

Top Attacking Networks

AS12389 Rostelecom
12,210 IPs
AS35048 Biterika Group LLC
7,022 IPs
AS49505 JSC Selectel
7,007 IPs

Most Reported IPs in Russia

81.177.101.45 404 reports
80.253.31.232 403 reports
79.104.0.82 401 reports
85.95.166.40 400 reports
176.211.42.202 398 reports

Access this data via API

Get Russia threat intelligence programmatically.

curl https://ip.wayscloud.services/api/country/RU

View full API documentation

See how we classify and verify threats →

Check any IP from Russia

Look up threat intelligence for a specific IP address.

Related: Country Threat Ranking Country Risk Trends → Top Malicious IPs → AS12389 Intelligence AS35048 Intelligence AS49505 Intelligence Global Attack Trends Detect Malicious Traffic

Loading threat intelligence data...